Still cant get rid of hard drive diagnostic after using malware remov and others

View previous topic View next topic Go down

Still cant get rid of hard drive diagnostic after using malware remov and others

Post by tturchi on Fri 10 Dec 2010, 2:22 am

I don't have any pop-ups from HDD, however I can't open Itunes or get on the internet either. My connection says that im connected to the internet but internet explorer says it cant connect. I've ran almost every anti-malware program I could find and I still cant get rid of it. Any suggestions please???

tturchi

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-12-10
Operating System : Windows vista

View user profile

Back to top Go down

Re: Still cant get rid of hard drive diagnostic after using malware remov and others

Post by Belahzur on Fri 10 Dec 2010, 11:46 am

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Still cant get rid of hard drive diagnostic after using malware remov and others

Post by tturchi on Fri 10 Dec 2010, 12:59 pm

It wont let me run the program. A message comes up and says im running an illegal program and need to close it or ignore. When I hit ignore It doesnt keep working.

tturchi

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-12-10
Operating System : Windows vista

View user profile

Back to top Go down

Re: Still cant get rid of hard drive diagnostic after using malware remov and others

Post by DragonMaster Jay on Fri 10 Dec 2010, 2:28 pm

Please download and run RKill.

Download mirror 1 - Download mirror 2 - Download mirror 3

  • Save it to your Desktop.
  • Double click the RKill desktop icon.
  • It will quickly run and launch a log. If it does not launch a log, try another download link until it does.
  • Please post its log in your next reply.
  • After it has run successfully, delete RKill.

Note: This tool only kills the active infection, the actual infection will not be gone. Once you reboot the infection will be active again! Please do not reboot until instructed further to do so.

Then, try the tool again.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Still cant get rid of hard drive diagnostic after using malware remov and others

Post by tturchi on Fri 10 Dec 2010, 3:09 pm

its screwin up again, saying the same error message

tturchi

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-12-10
Operating System : Windows vista

View user profile

Back to top Go down

Re: Still cant get rid of hard drive diagnostic after using malware remov and others

Post by tturchi on Fri 10 Dec 2010, 5:47 pm

OTL logfile created on: 12/10/2010 12:09:24 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = F:\
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 59.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.85 Gb Total Space | 56.12 Gb Free Space | 39.85% Space Free | Partition Type: NTFS
Drive D: | 8.20 Gb Total Space | 1.76 Gb Free Space | 21.52% Space Free | Partition Type: NTFS
Drive F: | 244.73 Mb Total Space | 206.18 Mb Free Space | 84.25% Space Free | Partition Type: FAT
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/12/07 00:31:23 | 000,063,360 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2010/12/07 00:31:21 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/02/05 09:17:56 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010/02/02 10:13:54 | 000,059,664 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010/02/02 10:13:54 | 000,051,984 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010/02/02 10:13:54 | 000,033,552 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2009/06/09 16:16:42 | 003,482,240 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/02/09 16:59:20 | 000,272,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20090811.001\IDSvix86.sys -- (IDSvix86)
DRV - [2008/01/17 21:15:59 | 000,109,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2008/01/17 21:15:57 | 000,385,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/12/06 01:59:02 | 000,895,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080118.007\navex15.sys -- (NAVEX15)
DRV - [2007/12/06 01:58:53 | 000,082,256 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080118.007\naveng.sys -- (NAVENG)
DRV - [2007/11/12 00:57:32 | 000,115,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2007/06/21 17:43:52 | 000,160,056 | ---- | M] (Webroot Software Inc ([You must be registered and logged in to see this link.] [Kernel | Boot | Running] -- C:\Windows\SYSTEM32\Drivers\SSIDRV.SYS -- (SSIDRV)
DRV - [2007/06/21 17:43:52 | 000,023,864 | ---- | M] (Webroot Software Inc ([You must be registered and logged in to see this link.] [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\sskbfd.sys -- (SSKBFD)
DRV - [2007/06/21 17:43:52 | 000,021,816 | ---- | M] (Webroot Software Inc ([You must be registered and logged in to see this link.] [Kernel | Boot | Running] -- C:\Windows\SYSTEM32\Drivers\SSHRMD.SYS -- (SSHRMD)
DRV - [2007/06/21 17:43:52 | 000,020,280 | ---- | M] (Webroot Software Inc ([You must be registered and logged in to see this link.] [Kernel | Boot | Running] -- C:\Windows\SYSTEM32\Drivers\SSFS0BB8.SYS -- (SSFS0BB8)
DRV - [2007/04/14 01:49:32 | 000,418,104 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007/02/28 12:26:00 | 004,465,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/02/22 10:24:48 | 000,159,232 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/02/16 02:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/01/15 16:35:18 | 001,032,104 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/01/12 21:59:02 | 000,181,432 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/01/12 02:22:20 | 000,276,792 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/01/12 02:22:18 | 000,025,400 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/01/12 02:22:14 | 000,247,608 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/01/09 22:32:14 | 000,191,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/01/09 22:32:14 | 000,145,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2007/01/09 22:32:14 | 000,040,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2007/01/09 22:32:14 | 000,038,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2007/01/09 22:32:14 | 000,027,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/01/09 22:32:14 | 000,012,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2007/01/03 09:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/01/03 09:43:12 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/12/22 15:28:56 | 000,100,648 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2006/11/30 11:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/15 11:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/15 06:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/15 04:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 03:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 03:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 03:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 03:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 03:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 03:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 03:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 03:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 03:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 03:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 03:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 03:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 03:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 03:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 03:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 03:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 03:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 03:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 03:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 03:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 03:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 01:41:50 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)
DRV - [2006/11/02 01:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 01:41:48 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 01:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/10/18 20:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2006/06/28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2004/06/09 17:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sacm2A.sys -- (USBCM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2007/07/21 14:51:20 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [lxdcamon] C:\Program Files\Lexmark 1300 Series\lxdcamon.exe (Lexmark)
O4 - HKLM..\Run: [LXDCCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXDCtime.DLL (Lexmark International, Inc.)
O4 - HKLM..\Run: [lxdcmon.exe] C:\Program Files\Lexmark 1300 Series\lxdcmon.exe File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SBC_McciTrayApp] C:\Program Files\SBC\update\SST.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [1352622799] C:\Users\Owner\AppData\Local\Temp\1352622799.exe (HardDrive Corporation)
O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [RunSpySweeperScheduleAtStartup] C:\Windows\System32\msfeedssync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [uiPGGcQmqy.exe] C:\Users\Owner\AppData\Local\Temp\uiPGGcQmqy.exe File not found
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -Mozilla\4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident\4.0; File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll (Installation Support)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} [You must be registered and logged in to see this link.] (CDownloadCtrl Object)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} [You must be registered and logged in to see this link.] (Facebook Photo Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0)

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/07 00:33:09 | 001,287,120 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2010/11/05 15:31:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2010/10/26 12:07:58 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/08/18 22:58:36 | 000,121,856 | ---- | M] (Damien Elmes) -- C:\Program Files\Anki\Anki.exe
PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/15 12:50:36 | 001,142,224 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2010/03/11 12:09:22 | 000,366,840 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2010/02/02 10:13:54 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
PRC - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009/01/14 03:00:24 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/10/29 00:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/01 19:10:54 | 000,675,840 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
PRC - [2007/11/01 17:24:53 | 001,252,232 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2007/06/21 17:57:28 | 003,562,296 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
PRC - [2007/05/29 02:35:56 | 000,077,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0\bin\jusched.exe
PRC - [2007/03/28 18:45:34 | 000,270,431 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapSvc.exe
PRC - [2007/02/28 13:35:32 | 001,011,200 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\SBC\update\SST.exe
PRC - [2007/02/12 17:57:22 | 000,082,864 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\spool\drivers\w32x86\3\lxdctime.exe
PRC - [2007/02/12 17:56:38 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxdccoms.exe
PRC - [2007/02/05 17:32:16 | 000,020,480 | ---- | M] (Lexmark) -- C:\Program Files\Lexmark 1300 Series\lxdcamon.exe
PRC - [2007/01/10 05:59:52 | 000,115,816 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2007/01/10 05:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/01/05 22:04:10 | 000,554,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/01/05 08:19:28 | 000,047,712 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
PRC - [2006/11/28 06:34:38 | 000,134,808 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2006/11/28 06:34:26 | 000,122,008 | ---- | M] (symantec) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe
PRC - [2006/11/28 06:34:18 | 001,962,136 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2006/11/28 06:34:00 | 000,030,872 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe


========== Modules (SafeList) ==========

MOD - [2010/11/05 15:31:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
MOD - [2010/02/02 10:13:54 | 000,451,856 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll
MOD - [2009/10/30 11:18:16 | 000,147,024 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2008/01/19 01:26:34 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Unknown | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - File not found [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/15 12:50:36 | 001,142,224 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/11 12:09:22 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/02/02 10:13:54 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/28 19:51:10 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/11/01 17:24:53 | 001,252,232 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/06/21 17:57:28 | 003,562,296 | ---- | M] (Webroot Software, Inc.) [Auto | Running] -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2007/03/28 18:45:38 | 000,118,877 | ---- | M] () [Auto | Stopped] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007/03/28 18:45:34 | 000,270,431 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2007/02/12 17:56:38 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdccoms.exe -- (lxdc_device)
SRV - [2007/01/14 07:11:06 | 000,080,504 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2007/01/13 03:40:58 | 000,049,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/10 05:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2007/01/10 05:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/01/10 05:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/01/10 05:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/01/09 15:55:34 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2007/01/05 22:04:10 | 002,918,008 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/01/05 22:04:10 | 000,554,616 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/01/05 08:19:28 | 000,047,712 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - [2006/11/28 06:34:26 | 000,122,008 | ---- | M] (symantec) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2006/11/28 06:34:18 | 001,962,136 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2006/11/28 06:34:00 | 000,030,872 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2004/10/22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)

O16 - DPF: {CB97291A-6603-466A-AA11-80C2EB74CB10} [You must be registered and logged in to see this link.] (CoxSelfInstallAx10 Control)
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 4)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll - C:\Windows\System32\WRLogonNtf.dll (Webroot Software, Inc.)
O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/29 02:15:18 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 09:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{2e3dada3-8f06-11dd-8bad-001b24599469}\Shell - "" = AutoRun
O33 - MountPoints2\{2e3dada3-8f06-11dd-8bad-001b24599469}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{2e91c2fa-cf52-11df-9521-001b24599469}\Shell\AutoRun\command - "" = F:\firefox.exe -- File not found
O33 - MountPoints2\{2e91c2ff-cf52-11df-9521-001b24599469}\Shell - "" = AutoRun
O33 - MountPoints2\{2e91c2ff-cf52-11df-9521-001b24599469}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{bf5e249f-cbeb-11dd-a584-001b24599469}\Shell - "" = AutoRun
O33 - MountPoints2\{bf5e249f-cbeb-11dd-a584-001b24599469}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/09 23:42:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/12/09 23:42:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/12/09 07:38:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Malwarebytes' Anti-Malware
[2010/12/09 07:36:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\backups
[2010/12/09 06:14:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod(5)
[2010/12/09 04:54:41 | 000,000,000 | --SD | C] -- C:\Combo-Fix
[2010/12/09 04:35:21 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/12/09 03:32:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/12/09 03:27:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\GetRightToGo
[2010/12/09 03:01:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2010/12/09 03:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/12/09 03:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/07 04:49:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\tdsskiller
[2010/12/07 01:13:32 | 000,059,664 | --S- | C] (PC Tools) -- C:\Windows\System32\drivers\TfSysMon.sys
[2010/12/07 01:13:31 | 000,051,984 | --S- | C] (PC Tools) -- C:\Windows\System32\drivers\TfFsMon.sys
[2010/12/07 01:13:31 | 000,033,552 | --S- | C] (PC Tools) -- C:\Windows\System32\drivers\TfNetMon.sys
[2010/12/07 00:25:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Threat Expert
[2010/12/06 23:59:02 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010/12/06 23:59:02 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010/12/06 23:59:02 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010/12/06 23:54:42 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/12/06 23:54:42 | 000,100,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/12/06 23:54:37 | 000,218,592 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/12/06 23:54:37 | 000,088,040 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010/12/06 23:54:28 | 000,063,360 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/12/06 23:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/12/06 23:54:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\PC Tools
[2010/12/06 23:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/12/06 23:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/12/06 23:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/12/06 23:53:43 | 036,319,104 | ---- | C] (PC Tools ) -- C:\Users\Owner\Desktop\7.0.0.543e-sdasetup-Revenue(207)-AVP.exe
[2010/12/06 23:46:12 | 000,331,159 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Owner\Desktop\mbam-setup-1.50.0.0.exe
[2010/12/02 17:35:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Recordings
[2010/12/02 05:47:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\SynthMaker
[2010/12/02 05:39:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Acoustica
[2010/12/02 05:39:15 | 000,057,344 | ---- | C] (NexiTech, Inc.) -- C:\Windows\System32\Wnaspint.dll
[2010/12/01 20:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound
[2010/12/01 20:18:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\NCH Swift Sound
[2010/12/01 20:18:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\NCH Software
[2010/12/01 20:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2010/12/01 20:18:00 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2009/08/12 00:48:26 | 000,015,429 | ---- | C] ( ) -- C:\Windows\System32\drivers\Sacm2A.sys
[2008/02/12 20:20:36 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXDChcp.dll
[2007/07/04 20:28:52 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2007/01/10 18:02:06 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxdcpmui.dll
[2007/01/10 18:00:42 | 001,232,896 | ---- | C] ( ) -- C:\Windows\System32\lxdcserv.dll
[2007/01/10 17:54:42 | 000,425,984 | ---- | C] ( ) -- C:\Windows\System32\lxdccomm.dll
[2007/01/10 17:53:10 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxdclmpm.dll
[2007/01/10 17:51:52 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxdciesc.dll
[2007/01/10 17:49:44 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxdcpplc.dll
[2007/01/10 17:49:00 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxdccomc.dll
[2007/01/10 17:48:30 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxdcprox.dll
[2007/01/10 17:42:24 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxdcinpa.dll
[2007/01/10 17:41:44 | 000,999,424 | ---- | C] ( ) -- C:\Windows\System32\lxdcusb1.dll
[2007/01/10 17:37:42 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxdchbn3.dll
[2 C:\Users\Owner\Documents\*.tmp files -> C:\Users\Owner\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/10 00:24:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1B4B815A-D010-46D5-BB24-EAC5524CA011}.job
[2010/12/10 00:12:42 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/09 23:42:45 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/09 23:42:26 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/09 23:42:26 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/09 22:16:21 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/12/09 21:54:40 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/09 21:54:40 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/09 21:44:30 | 000,052,775 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\nvModes.001
[2010/12/09 21:43:44 | 000,000,146 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/12/09 21:43:03 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/09 21:42:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/09 21:42:09 | 2078,916,608 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/09 21:39:26 | 000,004,096 | -H-- | M] () -- C:\Users\Owner\Desktop\._rkill.com
[2010/12/09 19:42:00 | 000,052,775 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\nvModes.dat
[2010/12/09 19:39:48 | 000,004,096 | -H-- | M] () -- C:\Users\Owner\Desktop\._OTL.exe
[2010/12/09 15:47:40 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[2010/12/09 09:56:46 | 000,000,803 | ---- | M] () -- C:\Users\Owner\Desktop\Hard Drive Diagnostic.lnk
[2010/12/09 04:33:41 | 000,001,356 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2010/12/07 00:31:23 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/12/07 00:31:21 | 000,218,592 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/12/06 23:54:35 | 000,001,759 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/12/06 23:53:43 | 036,319,104 | ---- | M] (PC Tools ) -- C:\Users\Owner\Desktop\7.0.0.543e-sdasetup-Revenue(207)-AVP.exe
[2010/12/06 23:49:54 | 000,000,529 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\mbam-setup-1.50.0.0.exe - Shortcut.lnk
[2010/12/06 23:42:12 | 000,331,159 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Owner\Desktop\mbam-setup-1.50.0.0.exe
[2010/12/06 23:08:10 | 000,050,158 | ---- | M] () -- C:\Users\Owner\Documents\Chron's.docx
[2010/12/06 20:52:15 | 000,000,546 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Owner.job
[2010/12/06 09:02:47 | 000,000,184 | ---- | M] () -- C:\Windows\DIIDUnin.bat
[2010/12/06 02:41:08 | 000,000,162 | -H-- | M] () -- C:\Users\Owner\Documents\~$hron's.docx
[2010/12/06 01:59:44 | 000,042,855 | ---- | M] () -- C:\Users\Owner\Documents\Cancer Biology Test 3.docx
[2010/12/05 18:38:02 | 000,024,601 | ---- | M] () -- C:\Users\Owner\Documents\Trent%2520Turchi%5B1%5D[1].docx
[2010/12/02 05:33:00 | 000,526,208 | ---- | M] () -- C:\Users\Owner\Desktop\Acoustica-Mixcraft-5-Installer.exe
[2010/11/30 15:40:59 | 000,019,519 | ---- | M] () -- C:\Users\Owner\Documents\EvoTest4Leah[1].docx
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/11/19 10:20:02 | 000,015,419 | ---- | M] () -- C:\Users\Owner\Documents\spanish quiz 5.docx
[2010/11/18 14:03:14 | 654,104,458 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/11/17 11:51:16 | 000,018,927 | ---- | M] () -- C:\Users\Owner\Documents\Evo bio test 4.docx
[2010/11/15 15:01:46 | 000,025,383 | ---- | M] () -- C:\Users\Owner\Documents\Human Diseases Study Guide Test 4.docx
[2 C:\Users\Owner\Documents\*.tmp files -> C:\Users\Owner\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/09 23:42:45 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/09 21:39:55 | 000,004,096 | -H-- | C] () -- C:\Users\Owner\Desktop\._rkill.com
[2010/12/09 19:44:17 | 000,004,096 | -H-- | C] () -- C:\Users\Owner\Desktop\._OTL.exe
[2010/12/09 09:56:46 | 000,000,803 | ---- | C] () -- C:\Users\Owner\Desktop\Hard Drive Diagnostic.lnk
[2010/12/09 07:47:04 | 2078,916,608 | -HS- | C] () -- C:\hiberfil.sys
[2010/12/06 23:59:03 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/12/06 23:59:02 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010/12/06 23:59:02 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010/12/06 23:59:02 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010/12/06 23:59:02 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010/12/06 23:54:42 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010/12/06 23:54:37 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010/12/06 23:54:37 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010/12/06 23:54:35 | 000,001,759 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/12/06 23:54:28 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010/12/06 23:49:54 | 000,000,529 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\mbam-setup-1.50.0.0.exe - Shortcut.lnk
[2010/12/06 09:02:47 | 000,000,184 | ---- | C] () -- C:\Windows\DIIDUnin.bat
[2010/12/06 02:41:08 | 000,000,162 | -H-- | C] () -- C:\Users\Owner\Documents\~$hron's.docx
[2010/12/06 02:41:07 | 000,050,158 | ---- | C] () -- C:\Users\Owner\Documents\Chron's.docx
[2010/12/02 05:32:58 | 000,526,208 | ---- | C] () -- C:\Users\Owner\Desktop\Acoustica-Mixcraft-5-Installer.exe
[2010/11/30 15:40:58 | 000,019,519 | ---- | C] () -- C:\Users\Owner\Documents\EvoTest4Leah[1].docx
[2010/11/29 03:15:19 | 000,042,855 | ---- | C] () -- C:\Users\Owner\Documents\Cancer Biology Test 3.docx
[2010/11/17 11:51:14 | 000,018,927 | ---- | C] () -- C:\Users\Owner\Documents\Evo bio test 4.docx
[2010/11/15 08:04:40 | 000,015,419 | ---- | C] () -- C:\Users\Owner\Documents\spanish quiz 5.docx
[2010/11/14 20:04:20 | 000,025,383 | ---- | C] () -- C:\Users\Owner\Documents\Human Diseases Study Guide Test 4.docx
[2010/04/08 14:41:34 | 000,000,169 | ---- | C] () -- C:\Windows\System32\Mswrkdmk.dll
[2010/04/08 14:41:15 | 000,012,288 | ---- | C] () -- C:\Windows\System32\Hlinkprx.dll
[2010/04/08 14:41:11 | 000,110,592 | ---- | C] () -- C:\Windows\System32\SageKeyx.dll
[2009/08/12 00:48:26 | 000,053,693 | ---- | C] () -- C:\Windows\UNDPX2A.sys

tturchi

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-12-10
Operating System : Windows vista

View user profile

Back to top Go down

Re: Still cant get rid of hard drive diagnostic after using malware remov and others

Post by tturchi on Fri 10 Dec 2010, 5:48 pm

[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/06/09 16:16:42 | 003,482,240 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009/02/11 16:45:02 | 000,027,264 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008/02/12 20:20:43 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdcrwrd.ini
[2008/02/12 20:20:38 | 000,278,528 | ---- | C] () -- C:\Windows\System32\LXDCinst.dll
[2008/02/12 20:13:38 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxdccoin.dll
[2008/01/21 17:06:14 | 000,057,856 | ---- | C] () -- C:\Windows\Fce32.dll
[2008/01/21 17:06:11 | 000,092,672 | ---- | C] () -- C:\Windows\System32\See32.dll
[2008/01/21 17:06:11 | 000,057,856 | ---- | C] () -- C:\Windows\System32\Fce32.dll
[2007/11/03 13:18:20 | 000,000,096 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2007/08/15 09:11:43 | 000,001,356 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2007/07/22 12:27:36 | 000,014,848 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/21 15:39:23 | 000,052,775 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\nvModes.001
[2007/07/21 15:39:18 | 000,052,775 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\nvModes.dat
[2007/07/21 14:41:51 | 000,026,424 | ---- | C] () -- C:\Windows\System32\wrlzma.dll
[2007/07/21 14:16:07 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\QSwitch.txt
[2007/07/21 14:16:07 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\DSwitch.txt
[2007/07/21 14:16:07 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\AtStart.txt
[2007/05/29 02:01:18 | 000,000,320 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007/02/27 14:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007/02/12 04:46:04 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdcgrd.dll
[2006/12/14 00:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/14 00:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 06:50:50 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop(216).ini
[2006/11/02 06:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 04:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/05/19 14:39:58 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2006/05/18 08:47:12 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdcvs.dll
[2006/03/09 18:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/05/07 06:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 203 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >







OTL Extras logfile created on: 12/10/2010 12:09:24 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = F:\
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 59.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.85 Gb Total Space | 56.12 Gb Free Space | 39.85% Space Free | Partition Type: NTFS
Drive D: | 8.20 Gb Total Space | 1.76 Gb Free Space | 21.52% Space Free | Partition Type: NTFS
Drive F: | 244.73 Mb Total Space | 206.18 Mb Free Space | 84.25% Space Free | Partition Type: FAT

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C8D6539-1866-453F-A841-75593E16FC1C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0D902096-5A0A-4C5D-9057-7FAC5000ADAC}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{1E60F31C-8852-4AC0-9CC4-1940565C868E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25EF8555-348E-4318-9A5C-40BFAD658678}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2BD4E913-73C5-4233-A31A-2DA38A9BBC0F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{34D32D54-B173-4D6B-8BAA-7EF508C28B53}" = protocol=6 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"{44A9BD37-460A-42B0-BAE9-49EE042ABF0E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{463C4FBD-0B87-4F6D-9F9B-F1B5599D416A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4E73B9BC-2B06-4191-B998-99BB066AE20D}" = protocol=17 | dir=in | app=c:\program files\rhapsody\rhapsody.exe |
"{569824B7-A737-4EF4-B82D-33BA026007A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5EE574ED-759F-49D7-A1FF-E5C4D6887601}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7804E874-7EB2-45F3-A26D-5FB446384DCD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B7E3122-E2BC-4803-B221-93A15376D9E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8D8F6F7D-59D8-44B5-9AD8-06B2638C7585}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{AA152DFB-103B-4FBB-B2D0-5FE4ED05A295}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B4EED9DA-748A-4F5D-A19C-4305BBC406E6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B51FF321-7FAE-40AD-8E8C-A9386AE760DD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B74FC575-5A24-41DA-9A31-FB9887809F72}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C23A4FA7-0103-41A8-8BAB-849A0F2D6349}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C4B7487F-3AF8-4716-A4C4-1C7A86FEEDFB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CE2956C5-D21F-4BE7-A9B2-425943633379}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E93F13E5-316C-4CCB-B36E-6257694B6316}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ED2EF06F-03BE-4973-801D-C5A8763E0E42}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ED844E42-56F1-4E74-9F4E-D8F9A98054E5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F0B57DD7-1C6A-40A4-AAC1-50B620250842}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2BE45C9-C79C-4AEE-BF25-58B0A594D718}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F335E121-F806-4573-8F94-303EBE5A0D87}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{23ACAFF9-05D1-400C-817A-B791D5ACDA60}C:\program files\lexmark 1300 series\lxdcamon.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 1300 series\lxdcamon.exe |
"TCP Query User{6F77434E-A829-424D-BDFE-C218740AF0A1}C:\program files\lexmark 1300 series\lxdcamon.exe" = protocol=6 | dir=in | app=c:\program files\lexmark 1300 series\lxdcamon.exe |
"UDP Query User{407F9262-16DE-4D82-82EF-6E5519C387B2}C:\program files\lexmark 1300 series\lxdcamon.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 1300 series\lxdcamon.exe |
"UDP Query User{BC6B0A87-BB75-416A-826F-2A628AD1842B}C:\program files\lexmark 1300 series\lxdcamon.exe" = protocol=17 | dir=in | app=c:\program files\lexmark 1300 series\lxdcamon.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0BFC200F-C45D-4271-AF34-4CA969225DEB}" = muvee autoProducer 6.0
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FDC0240-DAD6-4A01-AA42-4D224D8DF041}" = Symantec Real Time Storage Protection Component
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{290B83AA-093A-45BF-A917-D1C4A1E8D917}" = HP Active Support Library
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3115C75C-E386-4E53-B470-2BA22F8342E1}" = DU Waterfowl Scenes
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 B1
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3FFB3B34-D639-4384-9AE9-DDE58430D86F}" = MSCU for Microsoft Vista
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.2
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5ABB5D02-BBAA-41D4-BDED-A52DB89A2D2F}" = Wal-Mart Digital Photo Manager
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{7C9E6E52-EB11-44DB-A761-82D5D873A8D9}" = Symantec AntiVirus
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{88A548E6-4B09-43E7-AD55-3C7D1B37706D}" = ESU for Microsoft Vista
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
"{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1" = Yawcam v0.3.0
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9061CEF2-51F5-42C9-8A70-9ED351C6597A}" = HP Help and Support
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AF0B98A9-F7E2-4FF5-88C7-7960EB91752B}" = HP User Guides 0041
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4B5AD48-8D34-41D3-BD8A-8A10BD9BDED3}_is1" = Spy Sweeper
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F6B29003-A078-4491-AFBE-62EFB6CFFE19}" = HP Total Care Advisor
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"Anki" = Anki
"Browser Defender_is1" = Browser Defender 2.0.6.15
"CNXT_HDAUDIO" = Conexant HD Audio
"Crack DAT PAT" = Crack DAT PAT 2010-2011
"DAT Digital Test Booklet v.3.0R" = DAT Digital Test Booklet v.3.0R
"Download Manager" = Download Manager 2.3.6
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.0
"IMME Algebra" = IMME Algebra
"iPowerHour_is1" = iPowerHour 3.0
"Lexmark 1300 Series" = Lexmark 1300 Series
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"Rhapsody" = Rhapsody
"Spyware Doctor" = Spyware Doctor 7.0
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TSPDAT" = TSPDAT
"WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem
"WildTangent hplaptop Master Uninstall" = My HP Games

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UltimateBet" = UltimateBet

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/8/2009 10:18:42 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application AcroRd32.exe, version 8.1.0.137, time stamp 0x46444e37,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x2400294d, process id 0x1590, application start time 0x01ca48574dd0f170.

Error - 10/14/2009 10:12:33 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application jusched.exe, version 6.0.0.105, time stamp 0x456d5953,
faulting module jusched.exe, version 6.0.0.105, time stamp 0x456d5953, exception
code 0xc0000005, fault offset 0x00001cdb, process id 0x7e8, application start time
0x01ca4d3c2df97205.

Error - 10/16/2009 5:12:55 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application ccSvcHst.exe, version 106.2.0.21, time stamp
0x45a46679, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,
exception code 0xc0000005, fault offset 0x00042e7b, process id 0x5fc, application
start time 0x01ca4bddc5b25e09.

Error - 10/17/2009 9:18:58 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application jusched.exe, version 6.0.0.105, time stamp 0x456d5953,
faulting module jusched.exe, version 6.0.0.105, time stamp 0x456d5953, exception
code 0xc0000005, fault offset 0x00001cdb, process id 0xb78, application start time
0x01ca4f903fdf2ff3.

Error - 10/18/2009 11:48:28 AM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application jusched.exe, version 6.0.0.105, time stamp 0x456d5953,
faulting module jusched.exe, version 6.0.0.105, time stamp 0x456d5953, exception
code 0xc0000005, fault offset 0x00001cdb, process id 0xe50, application start time
0x01ca5009b7f9f9a8.

Error - 10/19/2009 3:46:21 PM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application jusched.exe, version 6.0.0.105, time stamp 0x456d5953,
faulting module jusched.exe, version 6.0.0.105, time stamp 0x456d5953, exception
code 0xc0000005, fault offset 0x00001cdb, process id 0xdb0, application start time
0x01ca50f40e716fc3.

Error - 10/24/2009 9:53:27 AM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application jusched.exe, version 6.0.0.105, time stamp 0x456d5953,
faulting module jusched.exe, version 6.0.0.105, time stamp 0x456d5953, exception
code 0xc0000005, fault offset 0x00001cdb, process id 0xf6c, application start time
0x01ca54b09ae3c81a.

Error - 10/26/2009 1:21:07 PM | Computer Name = Owner-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x8007041D

Error - 10/26/2009 1:21:09 PM | Computer Name = Owner-PC | Source = Symantec AntiVirus | ID = 16711725
Description = SYMANTEC TAMPER PROTECTION ALERT Target: C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
Event
Info: Terminate Process Action Taken: Blocked Actor Process: C:\WINDOWS\SYSTEM32\SERVICES.EXE
(PID 652) Time: Monday, October 26, 2009 12:21:08 PM

Error - 11/3/2009 1:25:43 AM | Computer Name = Owner-PC | Source = Symantec AntiVirus | ID = 16711720
Description = Symantec AntiVirus has determined that the virus definitions are missing
on this computer. This computer will remain unprotected from viruses until virus
definitions are downloaded to this computer.

[ Media Center Events ]
Error - 11/3/2007 9:46:54 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/8/2007 1:41:43 AM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/18/2007 10:50:30 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/20/2007 12:58:17 AM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/27/2007 12:58:57 AM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/5/2007 8:51:22 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/30/2008 9:24:46 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 8/15/2008 5:48:18 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/14/2009 4:53:06 AM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/26/2009 3:11:34 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 11/14/2008 5:07:44 AM | Computer Name = Owner-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6324.5001, Microsoft Office Version: 12.0.6215.1000. This session lasted 86144
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 12/9/2010 11:45:10 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 12/9/2010 11:45:39 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description =

Error - 12/9/2010 11:54:31 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 12/9/2010 11:54:31 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 12/9/2010 11:56:31 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 12/9/2010 11:56:31 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 12/10/2010 2:05:51 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 12/10/2010 2:05:51 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 12/10/2010 2:08:27 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 12/10/2010 2:08:27 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7034
Description =


< End of report >

tturchi

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-12-10
Operating System : Windows vista

View user profile

Back to top Go down

Re: Still cant get rid of hard drive diagnostic after using malware remov and others

Post by DragonMaster Jay on Sat 11 Dec 2010, 5:24 pm

Please run OTL
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

    Code:
    :otl
    O4 - HKCU..\Run: [1352622799] C:\Users\Owner\AppData\Local\Temp\1352622799.exe (HardDrive Corporation)
    O4 - HKCU..\Run: [uiPGGcQmqy.exe] C:\Users\Owner\AppData\Local\Temp\uiPGGcQmqy.exe File not found
    O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
    O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
    @Alternate Data Stream - 203 bytes -> C:\ProgramData\TEMP:DFC5A2B2
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
    [2010/12/09 09:56:46 | 000,000,803 | ---- | C] () -- C:\Users\Owner\Desktop\Hard Drive Diagnostic.lnk

    :commands
    [emptytemp]
    [reboot]

  • Then click the Run Fix button at the top.
  • Note: The fix for OTL automatically hides your Desktop and Start menu so the fix can be completed. Do not be alerted, this is normal.
  • Please do not exit the program. It might take a while to fix, but allow it to run. If it asks to reboot the computer, allow it to reboot. If the program freezes, and the computer fails to reboot - let me know.
    Lastly, post the contents of the log. (Located at C:\_OTL\Moved Files)


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Still cant get rid of hard drive diagnostic after using malware remov and others

Post by tturchi on Fri 24 Dec 2010, 8:13 pm

The virus is gone now however I still cannot use the internet or open itunes. I can open microsoft word though.

tturchi

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-12-10
Operating System : Windows vista

View user profile

Back to top Go down

Re: Still cant get rid of hard drive diagnostic after using malware remov and others

Post by DragonMaster Jay on Mon 27 Dec 2010, 5:54 am

Please post OTL fix log.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Still cant get rid of hard drive diagnostic after using malware remov and others

Post by DragonMaster Jay on Mon 03 Jan 2011, 8:33 am

Still with us?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Still cant get rid of hard drive diagnostic after using malware remov and others

Post by Sponsored content Today at 9:43 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum