Help required smart repair HDD

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

Help required smart repair HDD

Post by wildfly73 on Fri 20 Apr 2012, 6:55 am

Hello,
Iv tried using GeekPolice Smart repair HDD removal guide, links to malwarebytes from the guide do not work on my infected computer but will on an unifected friends laptop. So downloaded malwarebytes to a USB and uploaded to my computer. icon appeares on desktop but does not function when clicked on. Even tried renaming malwarebytes but this not worked to. Seems like im locked out of C drive. Also opening internet explorer and typing in a website address it gets redirected to a ad or useless search engine. Plus the @ key no longer produces an @ when shift and @ are pressed. In Start menue all programmes are empty and desk top is blank (no icons showing) Still have access to IBOS.
Really in need of some help with this. Worst malware infection iv experienced.
Many Thanks
Stephen.


Last edited by wildfly73 on Fri 20 Apr 2012, 7:31 am; edited 1 time in total (Reason for editing : clarification/additional info)

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by Superdave on Sat 21 Apr 2012, 5:32 am

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

You may want to consider purchasing Malwarebytes' Anti-Malware to protect against viruses and other threats.
Additionally, purchasing an effective antivirus program is a good idea. This will protect your identity and your computer against all types of viruses and other malware. See the Cheetah Market now:
*****************************************************************
Please try running MBAM in Safe Mode.



Save these instructions so you can have access to them while in Safe Mode.

Please click here to download AVP Tool by Kaspersky.

  • Save it to your desktop.
  • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
  • Double click the setup file to run it.
  • Click Next to continue.
  • Accept the License agreement and click on next.
  • It will, by default, install it to your desktop folder. Click Next.
  • It will then open a box There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.

  • Hidden Startup Objects
  • System Memory
  • Disk Boot Sectors.
  • My Computer.
  • Also any other drives (Removable that you may have)

Leave the rest of the settings as they appear as default.
•Then click on Scan at the to right hand Corner.
•It will automatically Neutralize any objects found.
•If some objects are left un-neutralized then click the button that says Neutralize all
•If it says it cannot be neutralized then choose the delete option when prompted.
•After that is done click on the reports button at the bottom and save it to file name it Kas.
•Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

Note: This tool will self uninstall when you close it so please save the log before closing it.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by wildfly73 on Sat 21 Apr 2012, 7:30 am

iv tried tapping F8 key on start up but does not direct to safe mode option screen. I know the safe mode screen iv used it last year. A screen titled Hardware Recovery Menu appears giving option Profile 1 (i dont know what that is) or press L to boot last good configuration or exit menu to continue start up.

i tried rebooting again and this time a screen appeared
Please Select Boot Device
1st boot device [Pm-Phillips Drom621]
2nd boot device [generic STORAGE DE]
3rd boot device [3m-WDC WD1600JT-55]

each time i rebooted (6 times) i get one of the above screens. So at the moment i carnt access safe mode by tapping F8 on start up. is there another way we can acess safe mode?

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by Superdave on Sat 21 Apr 2012, 9:13 am

We are going to be using a Windows Recovery Environment to help disinfect the system so it may boot again.

Download the OTLPE Standard REATOGO Windows Recovery Environment.

  • Place a blank CD-R disc in to your CD burning drive.
  • Download OTLPEStd.exe and double-click on it to burn to a CD using an ISO Burner. One can be found here.
  • Reboot your system using the boot CD you just created.
  • Note : If you do not know how to set your computer to boot from CD follow the steps here
  • Your system should now display a REATOGO-X-PE desktop.
  • Double-click on the OTLPE icon.
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start. Change the following settings
  • Change Drivers to Non-Microsoft
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\_OTL\MovedFiles
  • Copy this file to your USB drive if you do not have internet connection on this system
  • Please post the contents of the OTL.txt file in your reply.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by wildfly73 on Sun 22 Apr 2012, 12:10 am

Hello,
On completion of the download OTLPEStd.exe to the blank CD-R the computer said download successfully completed. im using a friends laptop HP Pavilion dv3000, intel centrino 2, windows vista, its about 3 years old, to do the download. I do not know if it has an ISO burner. How can i find out if it has?
If i need to download ISO burner which do i need to choose isoburner.exe or ISOburner.rar.
Many thanks
stephen


Last edited by wildfly73 on Sun 22 Apr 2012, 12:12 am; edited 1 time in total (Reason for editing : spelling error)

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by Superdave on Sun 22 Apr 2012, 4:42 am

If i need to download ISO burner which do i need to choose isoburner.exe or ISOburner.rar.
Please down load this one. It's much better.

here.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by wildfly73 on Sun 22 Apr 2012, 8:20 am

Ok iv downloaded imgburner. how do i use it to burn OTLPEStd.exe ie which options on imgburner do i use.
Thanks
stephen.

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by Superdave on Sun 22 Apr 2012, 9:15 am

First, save the OTLPEStd.exe file somewhere you can find it easily such as on your desktop. Next open IMG burner and in the upper left hand corner click the "write image file to disk" button. Now in the Source box click the first icon which is the browse button. Navigate to where you saved the file and select it. It will only show ISO files. Once you have selected the file the icons in the bottom left-hand corner will light up if you have a writable disk in the drive and now your ready to burn the ISO image.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by wildfly73 on Mon 23 Apr 2012, 2:57 am

Hello again superdave,
After many attempts iv successfully burned OTLPEStd.exe using imgburn to disk. On my infected computer Iv entered IBOS setup utility scrolled to boot tab selected boot device priority.

1st boot device [3M-WDC WD1600JD-55]
2nd boot device [Generic STORAGE DE]
3rd boot device [PM-PHILIPS DR0M621]

As you can see no option to set prority for CDROM or hard drive.
Is there another way to set priorty boot device to CDROM?
thanks again

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by Superdave on Mon 23 Apr 2012, 10:30 am

You should experiment with change the boot order of # 3 to # 1 and if that doesn't work, try # 2 to #1. I would suspect that the 3rd one is your CDROM.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by wildfly73 on Tue 24 Apr 2012, 5:48 am

Hello superdave,
Iv booted using CDROM drive now displaying REATOGO-X-PE desktop. Double clicked OTLPE icon. It did not ask "Do you wish to load the remote registry", but did ask "Do you wish to load remote user profile(s) for scanning", i clicked yes. OTLPE opens. i could not find option you instructed to turn drivers to non microsoft. What i found was this - In the box labled Drivers - 3 options; non, Safe List, All. Safe List was already selected so i left it as that. I ran scan and the scan results were produced. I have internet connection on the infected system. internet explorer opens google. I type in [You must be registered and logged in to see this link.] to send OTPLE scan results but im stopped by a warning box - microsoft internet explorer cannot open the internet site [You must be registered and logged in to see this link.] Operation Aborted. i tried again and again same result. However, i can use [You must be registered and logged in to see this link.] with no problems. hmmm. Also im concerned using USB to transfer OTLPE scan results from my infected computer to my friends laptop to post here. in your experience is the risk of infection high?
Thanks Superdave.


Last edited by wildfly73 on Tue 24 Apr 2012, 7:15 am; edited 1 time in total (Reason for editing : addition info)

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by Superdave on Tue 24 Apr 2012, 9:24 am

Also im concerned using USB to transfer OTLPE scan results from my infected computer to my friends laptop to post here. in your experience is the risk of infection high?
If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. If you're still afraid of getting infected, you can use CD-RW's to transfer the data.

SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
************************************************
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by wildfly73 on Wed 25 Apr 2012, 7:53 am

Hello superdave, i hope you are well.

Attempted to download superantispyware (SAS)from the internet on my infected computer. As soon as superantispyware trys to begin copying files in its installation process this message pops up Install Error, File copy error, aborting installation. Iv tried downloading it again and same message appears. Iv looked on SAS website for solutions 2 came up. 1 Started download of RUNSAS.EXE same Install Error, File Copy Error pops up. 2 Started download of SASSAFERUN.COM and a blue screen appears Windows has shut down your computer to protect it. No keys worked at this point so i turned power off and on again and its restarted. Can you help to remedy this?

Iv not attempted downloading malwarebytes yet incase you wanted it done after superantispyware.

Tried using cd-rw to record the OTLPE log results. opened OTLPE log, attempted to save to relevant cd drive then the system said i did not have administor authorisation?

Whilst searching through my C:/program Files i found Spybot-search & destroy malwarebytes anti-malware, McAfee and McAfee security scan, Windows defender.

Thanks SuperDave


Last edited by wildfly73 on Fri 27 Apr 2012, 6:28 am; edited 5 times in total (Reason for editing : additional info)

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

OTLPE log results

Post by wildfly73 on Sun 29 Apr 2012, 12:20 am

Hello, please find attached the OTLPE log results.


wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by wildfly73 on Sun 29 Apr 2012, 12:27 am

Hello,OTLPE seemed to fail to attach. Part 1 OTLPE

OTL logfile created on: 4/27/2012 3:06:09 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

511.00 Mb Total Physical Memory | 263.00 Mb Available Physical Memory | 51.00% Memory free
459.00 Mb Paging File | 322.00 Mb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 766 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 104.08 Gb Free Space | 69.83% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (SCardSvr)
SRV - File not found [Auto] -- -- (LiveUpdate Notice Ex)
SRV - File not found [Auto] -- -- (CLTNetCnService)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2012/04/07 07:16:56 | 000,253,600 | -H-- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/08 09:32:27 | 002,152,152 | -H-- | M] (Lavasoft Limited) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/01/15 08:49:20 | 000,227,232 | -H-- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/02/27 13:56:54 | 003,072,184 | -H-- | M] (Kontiki Inc.) [Auto] -- C:\Program Files\Kontiki\KService.exe -- (KService)
SRV - [2008/01/29 13:38:31 | 000,583,048 | -H-- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/08/09 03:27:52 | 000,073,728 | -H-- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/06/15 12:55:00 | 000,300,544 | -H-- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006/11/03 14:19:58 | 000,013,592 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2004/10/19 23:47:54 | 000,098,304 | -H-- | M] () [Auto] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor)
SRV - [2004/10/19 22:40:46 | 000,118,784 | -H-- | M] () [Auto] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe -- (PhotoshopElementsDeviceConnect)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - [2011/12/23 03:12:12 | 000,064,512 | -H-- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2011/12/23 03:12:10 | 000,015,232 | -H-- | M] () [Kernel | On_Demand] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/06/20 14:42:47 | 000,023,456 | -H-- | M] (Phoenix Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2007/11/14 10:11:46 | 000,395,312 | -H-- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/02/22 07:15:56 | 000,137,216 | -H-- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007/02/22 07:15:14 | 000,012,288 | -H-- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007/02/22 07:15:14 | 000,012,288 | -H-- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007/02/22 07:15:14 | 000,008,320 | -H-- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006/11/03 12:00:31 | 000,022,768 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2005/04/15 12:05:42 | 002,564,032 | -H-- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/03/04 06:10:26 | 000,074,496 | -H-- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005/01/31 06:20:04 | 000,211,712 | RH-- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2005/01/31 06:12:48 | 000,022,016 | RH-- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005/01/19 23:25:38 | 000,965,632 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/01/07 11:07:16 | 000,145,920 | -H-- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/03 18:31:34 | 000,020,992 | -H-- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/05/20 07:58:54 | 000,379,456 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PRISMA02.sys -- (PRISM_A02)
DRV - [2004/03/10 11:27:18 | 000,011,264 | -H-- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2003/12/08 06:53:48 | 000,053,600 | -H-- | M] (THOMSON) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003/12/08 06:53:46 | 000,070,688 | -H-- | M] (THOMSON) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003/11/13 13:19:48 | 000,210,304 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/13 13:18:36 | 000,679,808 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/13 13:17:00 | 001,042,816 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2002/11/27 21:16:36 | 000,021,081 | RH-- | M] (Pixela) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pixmcvv.sys -- (PIXMCVV)
DRV - [2002/10/03 15:53:22 | 000,028,057 | RH-- | M] (Pixela) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pixmcva.sys -- (PIXMCVA)
DRV - [2002/09/28 01:08:08 | 000,032,000 | RH-- | M] (Pixela) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pixmcvc.sys -- (PIXMCV)
DRV - [2002/03/19 05:29:16 | 000,014,165 | -H-- | M] (Pinnacle Systems GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Anthony_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKU\Anthony_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Anthony_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKU\Anthony_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = [You must be registered and logged in to see this link.] [binary data]
IE - HKU\Anthony_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKU\Anthony_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKU\Anthony_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\Anthony_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Dawn_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\Dawn_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKU\Dawn_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKU\Dawn_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\Dawn_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Lee_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKU\Lee_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Lee_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKU\Lee_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKU\Lee_ON_C\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\Lee_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Stephen_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Stephen_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKU\Stephen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKU\Stephen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Stephen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/04/29 16:13:21 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/03/21 16:43:24 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/04/10 07:44:50 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/04/10 07:44:51 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2011/01/22 07:06:56 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.4.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2011/03/19 07:18:18 | 000,000,000 | -H-D | M]


O1 HOSTS File: ([2011/06/22 07:38:12 | 000,000,027 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by wildfly73 on Sun 29 Apr 2012, 12:32 am

Hello, part2 OTLPE log

========== Files Created - No Company Name ==========

[2012/04/18 11:25:47 | 536,203,264 | -HS- | C] () -- C:\hiberfil.sys
[2012/04/18 10:34:13 | 000,000,065 | -H-- | C] () -- C:\Documents and Settings\Administrator\Application Data\mbam.context.scan
[2012/04/16 15:05:17 | 000,000,833 | -H-- | C] () -- C:\Documents and Settings\Stephen\Application Data\Microsoft\Internet Explorer\Quick Launch\SMART_HDD.lnk
[2012/04/16 14:47:43 | 000,000,168 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\-jL6svp0h5ESLeVr
[2012/04/16 14:47:43 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\-jL6svp0h5ESLeV
[2012/04/16 14:47:38 | 000,000,815 | -H-- | C] () -- C:\Documents and Settings\Stephen\Desktop\SMART_HDD.lnk
[2012/04/16 14:47:35 | 000,000,480 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\jL6svp0h5ESLeV
[2012/04/07 07:17:29 | 000,000,830 | -H-- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2011/06/22 07:05:54 | 000,256,512 | -H-- | C] () -- C:\WINDOWS\PEV.exe
[2011/06/22 07:05:54 | 000,208,896 | -H-- | C] () -- C:\WINDOWS\MBR.exe
[2011/06/22 07:05:54 | 000,098,816 | -H-- | C] () -- C:\WINDOWS\sed.exe
[2011/06/22 07:05:54 | 000,080,412 | -H-- | C] () -- C:\WINDOWS\grep.exe
[2011/06/22 07:05:54 | 000,068,096 | -H-- | C] () -- C:\WINDOWS\zip.exe
[2011/06/19 12:32:17 | 000,013,800 | -HS- | C] () -- C:\Documents and Settings\Stephen\Local Settings\Application Data\ux28k8k70xg6ehd13ev2e
[2011/06/19 12:32:17 | 000,013,800 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\ux28k8k70xg6ehd13ev2e
[2011/04/30 04:22:44 | 000,000,064 | -H-- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/04/30 04:22:44 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/05/08 14:34:05 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/12/26 06:44:14 | 000,000,073 | -H-- | C] () -- C:\WINDOWS\MediaManager.INI
[2008/10/06 10:52:47 | 000,010,298 | -H-- | C] () -- C:\Documents and Settings\Dawn\Application Data\wklnhst.dat
[2008/10/05 12:52:15 | 000,000,127 | -H-- | C] () -- C:\Documents and Settings\Dawn\Local Settings\Application Data\fusioncache.dat
[2008/06/10 20:07:20 | 003,596,288 | -H-- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/02/15 07:20:24 | 000,000,032 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008/01/09 10:50:55 | 000,481,823 | -H-- | C] () -- C:\Documents and Settings\Stephen\Application Data\NMM-MetaData.db
[2007/12/29 09:15:56 | 000,000,736 | -H-- | C] () -- C:\WINDOWS\SamsungMaster.INI
[2007/12/26 08:17:50 | 000,008,704 | -H-- | C] () -- C:\WINDOWS\System32\vidccleaner.exe
[2007/03/29 19:00:40 | 000,203,264 | RH-- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2006/11/25 16:22:53 | 000,000,214 | -H-- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/11/22 14:29:43 | 000,000,719 | -H-- | C] () -- C:\Documents and Settings\Lee\Application Data\QuickZip45.ini
[2006/11/08 08:10:27 | 000,024,064 | -H-- | C] () -- C:\Documents and Settings\Stephen\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/03 12:00:13 | 000,014,294 | -H-- | C] () -- C:\Documents and Settings\Lee\1162569612-oem33.PNF
[2006/11/03 12:00:13 | 000,012,820 | -H-- | C] () -- C:\Documents and Settings\Lee\1162569613-oem34.PNF
[2006/11/03 12:00:13 | 000,012,546 | -H-- | C] () -- C:\Documents and Settings\Lee\1162569613-oem35.PNF
[2006/11/03 12:00:13 | 000,007,195 | -H-- | C] () -- C:\Documents and Settings\Lee\1162569612-oem33.inf
[2006/11/03 12:00:13 | 000,005,891 | -H-- | C] () -- C:\Documents and Settings\Lee\1162569613-oem35.inf
[2006/11/03 12:00:13 | 000,005,877 | -H-- | C] () -- C:\Documents and Settings\Lee\1162569613-oem34.inf
[2006/11/03 11:43:17 | 000,014,294 | -H-- | C] () -- C:\Documents and Settings\Lee\1162568597-oem33.PNF
[2006/11/03 11:43:17 | 000,012,820 | -H-- | C] () -- C:\Documents and Settings\Lee\1162568597-oem34.PNF
[2006/11/03 11:43:17 | 000,012,546 | -H-- | C] () -- C:\Documents and Settings\Lee\1162568597-oem35.PNF
[2006/11/03 11:43:17 | 000,007,195 | -H-- | C] () -- C:\Documents and Settings\Lee\1162568597-oem33.inf
[2006/11/03 11:43:17 | 000,005,891 | -H-- | C] () -- C:\Documents and Settings\Lee\1162568597-oem35.inf
[2006/11/03 11:43:17 | 000,005,877 | -H-- | C] () -- C:\Documents and Settings\Lee\1162568597-oem34.inf
[2006/11/03 11:32:37 | 000,014,294 | -H-- | C] () -- C:\Documents and Settings\Lee\1162567956-oem33.PNF
[2006/11/03 11:32:37 | 000,012,820 | -H-- | C] () -- C:\Documents and Settings\Lee\1162567957-oem34.PNF
[2006/11/03 11:32:37 | 000,012,546 | -H-- | C] () -- C:\Documents and Settings\Lee\1162567957-oem35.PNF
[2006/11/03 11:32:37 | 000,005,891 | -H-- | C] () -- C:\Documents and Settings\Lee\1162567957-oem35.inf
[2006/11/03 11:32:37 | 000,005,877 | -H-- | C] () -- C:\Documents and Settings\Lee\1162567957-oem34.inf
[2006/11/03 11:32:36 | 000,007,195 | -H-- | C] () -- C:\Documents and Settings\Lee\1162567956-oem33.inf
[2006/09/17 11:27:22 | 000,009,255 | RH-- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/09/17 11:22:51 | 000,053,248 | RH-- | C] () -- C:\WINDOWS\System32\InstMed.exe
[2006/09/17 11:20:30 | 000,081,920 | RH-- | C] () -- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
[2006/09/06 07:44:44 | 000,001,084 | ---- | C] () -- C:\Documents and Settings\Anthony\Application Data\QuickZip45.ini
[2006/06/28 12:37:07 | 000,000,206 | -H-- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/05/27 12:03:20 | 000,007,195 | -H-- | C] () -- C:\Documents and Settings\Lee\USBMOT2000.INF
[2006/05/27 12:03:20 | 000,005,891 | -H-- | C] () -- C:\Documents and Settings\Lee\USBMOT2000XP.INF
[2006/05/27 12:03:20 | 000,005,877 | -H-- | C] () -- C:\Documents and Settings\Lee\USB_CMCS_2000.INF
[2006/05/27 12:03:11 | 000,019,758 | -H-- | C] () -- C:\Documents and Settings\Lee\1148745791-oem33.PNF
[2006/05/27 12:03:11 | 000,011,167 | -H-- | C] () -- C:\Documents and Settings\Lee\1148745791-oem33.inf
[2006/04/27 05:21:49 | 000,002,825 | -H-- | C] () -- C:\Documents and Settings\Stephen\Application Data\QuickZip45.ini
[2006/03/06 06:41:02 | 000,073,728 | -H-- | C] () -- C:\WINDOWS\System32\AMV_DecDLL.dll
[2005/11/22 18:34:29 | 000,051,200 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/11/15 07:38:35 | 000,002,565 | -H-- | C] () -- C:\WINDOWS\mozver.dat
[2005/11/15 07:37:13 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/11/06 15:19:53 | 000,016,973 | -H-- | C] () -- C:\WINDOWS\System32\ZWebAuth.dll
[2005/11/01 15:25:12 | 000,000,550 | -H-- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/10/30 17:56:31 | 000,000,284 | -H-- | C] () -- C:\Documents and Settings\Lee\Application Data\ViewerApp.dat
[2005/10/17 05:33:59 | 000,005,606 | -H-- | C] () -- C:\WINDOWS\System32\stci.dll
[2005/10/08 05:35:10 | 000,001,680 | -H-- | C] () -- C:\Documents and Settings\Lee\Application Data\wklnhst.dat
[2005/09/29 05:37:04 | 000,000,126 | -H-- | C] () -- C:\Documents and Settings\Lee\Local Settings\Application Data\fusioncache.dat
[2005/09/26 06:26:52 | 000,000,130 | -H-- | C] () -- C:\Documents and Settings\Stephen\Local Settings\Application Data\fusioncache.dat
[2005/09/25 13:51:54 | 000,068,946 | -H-- | C] () -- C:\WINDOWS\hpoins05.dat
[2005/09/25 13:51:54 | 000,019,696 | -H-- | C] () -- C:\WINDOWS\hpomdl05.dat
[2005/09/24 10:22:16 | 000,004,948 | ---- | C] () -- C:\Documents and Settings\Anthony\Application Data\wklnhst.dat
[2005/09/18 15:06:37 | 000,187,904 | -H-- | C] () -- C:\Documents and Settings\Lee\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/16 11:16:15 | 000,037,172 | -H-- | C] () -- C:\Documents and Settings\Stephen\Application Data\wklnhst.dat
[2005/09/15 15:51:48 | 000,406,016 | -H-- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe
[2005/09/15 15:33:00 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/09/13 10:15:55 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\fusioncache.dat
[2005/09/13 10:15:42 | 000,039,955 | -H-- | C] () -- C:\WINDOWS\System32\compare.dat
[2005/08/13 09:41:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\sirenacm(2).dll
[2005/05/23 06:09:02 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/05/21 12:05:44 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/05/21 12:04:57 | 000,268,600 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/05/21 11:48:38 | 000,073,845 | -H-- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/05/21 11:47:26 | 000,156,672 | -H-- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/05/21 11:37:01 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/05/21 11:37:00 | 000,382,000 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/05/21 11:37:00 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/05/21 11:37:00 | 000,053,552 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/05/21 11:37:00 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/05/21 11:36:59 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/05/21 11:36:59 | 000,004,643 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/05/21 11:36:58 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/05/21 11:36:55 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/05/21 11:36:55 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/05/21 11:36:51 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/05/21 11:36:48 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/05/21 10:39:59 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/21 10:39:06 | 000,204,800 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/05/21 10:39:06 | 000,188,416 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/05/21 10:39:05 | 000,200,704 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/05/21 10:39:05 | 000,192,512 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/05/21 10:39:05 | 000,192,512 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/05/21 10:39:05 | 000,020,480 | -H-- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/05/21 10:28:36 | 000,000,780 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2005/05/21 10:15:28 | 000,000,828 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/05/21 10:14:11 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/05/21 10:10:57 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/12/20 07:08:28 | 000,180,224 | -H-- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/20 07:03:26 | 000,765,952 | -H-- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/09/16 09:26:40 | 000,012,634 | -H-- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004/03/18 03:44:29 | 001,663,068 | -H-- | C] () -- C:\WINDOWS\System32\libmmd.dll
[1999/01/27 08:39:06 | 000,065,024 | -H-- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 02:56:08 | 000,056,832 | -H-- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2007/07/12 10:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Azureus
[2006/09/17 11:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\FotoWire
[2006/05/23 12:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Netscape
[2008/04/20 08:51:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Nokia
[2008/05/29 16:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\Nokia Multimedia Player
[2008/02/03 06:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Anthony\Application Data\PC Suite
[2008/10/06 14:21:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Dawn\Application Data\InterVideo
[2008/10/05 12:51:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Dawn\Application Data\PC Suite
[2006/02/19 08:08:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Lee\Application Data\InterVideo
[2008/08/17 09:24:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Lee\Application Data\PC Suite
[2009/07/30 07:07:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Stephen\Application Data\Azureus
[2011/04/10 08:35:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Stephen\Application Data\DDMSettings
[2005/09/21 07:58:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Stephen\Application Data\InterVideo
[2008/01/20 15:46:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Stephen\Application Data\LimeWire
[2005/11/15 07:37:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Stephen\Application Data\Netscape
[2008/01/09 11:31:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Stephen\Application Data\Nokia
[2008/02/04 12:00:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Stephen\Application Data\Nokia Multimedia Player
[2008/01/09 10:45:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Stephen\Application Data\PC Suite
[2012/03/23 16:49:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Stephen\Application Data\Philips-Songbird
[2006/01/18 15:28:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Stephen\Application Data\uTorrent
[2011/03/28 05:39:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Stephen\Application Data\WhiteSmoke
[2006/11/03 12:10:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/03/08 11:08:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/02/15 17:26:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Documents
[2008/11/20 11:52:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\FirstClass
[2008/01/09 10:41:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012/04/22 12:26:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Kontiki
[2008/01/09 10:47:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2005/09/15 15:40:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2006/02/23 15:56:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
[2007/06/30 08:07:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Prism
[2005/09/15 15:54:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2007/02/09 16:30:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Transparent
[2010/08/28 06:24:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/23 07:12:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/07/18 06:17:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/01/31 10:47:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{F0489EF2-D393-4114-85BA-A94D71D89543}
[2012/04/17 07:06:50 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2012/04/22 11:54:30 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Custom Scans ==========


Invalid Environment Variable: %APPDATA%\Microsoft\*.*

< %systemroot%\system32\config\systemprofile\*.dat/x >
Invalid Switch: x

Invalid Environment Variable: %USERPROFILE%\Desktop\*.exe

< %PROGRAMFILES%\ccommon Files\*.* >

< %systemroot%\winn32\*.* >

Invalid Environment Variable: %USERPROFILE%\My Documents\*.exe

Invalid Environment Variable: %USERPROFILE%\*.exe

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\Tinyproxy. >

< %systemroot%\system32\*.*/lockedfiles >
[2011/03/03 02:55:19 | 000,149,504 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2012/03/02 01:01:32 | 011,082,752 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2012/03/01 07:01:31 | 002,000,384 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/13 20:12:00 | 000,274,944 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/13 20:12:02 | 000,067,072 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2011/01/21 10:44:37 | 008,462,336 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks|*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2011/03/18 11:26:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Adobe
[2005/05/21 10:38:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Ahead
[2008/11/20 11:58:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Apple Software Update
[2006/11/03 12:02:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Avanquest update
[2011/06/20 16:14:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Azureus
[2010/08/28 06:13:29 | 000,000,000 | -H-D | M] -- C:\Program Files\Bonjour
[2008/08/03 08:40:32 | 000,000,000 | -H-D | M] -- C:\Program Files\CandleWorks
[2009/03/08 11:20:15 | 000,000,000 | -H-D | M] -- C:\Program Files\Canon
[2009/03/08 11:07:31 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2011/06/22 07:23:20 | 000,000,000 | -H-D | M] -- C:\Program Files\Common Files
[2005/05/21 10:10:47 | 000,000,000 | -H-D | M] -- C:\Program Files\ComPlus Applications
[2005/05/21 10:35:28 | 000,000,000 | -H-D | M] -- C:\Program Files\CONEXANT
[2006/10/15 12:25:15 | 000,000,000 | -H-D | M] -- C:\Program Files\ConvertMovie 4.1
[2005/11/01 13:35:51 | 000,000,000 | -H-D | M] -- C:\Program Files\Creative Labs
[2008/01/09 10:43:39 | 000,000,000 | -H-D | M] -- C:\Program Files\DIFX
[2011/06/15 12:08:21 | 000,000,000 | -H-D | M] -- C:\Program Files\DivX
[2005/05/21 10:40:22 | 000,000,000 | -H-D | M] -- C:\Program Files\Encarta
[2011/06/26 04:47:55 | 000,000,000 | -H-D | M] -- C:\Program Files\ESET
[2008/11/22 07:00:51 | 000,000,000 | -H-D | M] -- C:\Program Files\FirstClass
[2009/01/26 17:45:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Google
[2008/05/01 08:16:29 | 000,000,000 | -H-D | M] -- C:\Program Files\Hewlett-Packard
[2008/05/01 08:16:39 | 000,000,000 | -H-D | M] -- C:\Program Files\HP
[2008/10/28 13:09:11 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2012/04/16 15:29:36 | 000,000,000 | -H-D | M] -- C:\Program Files\Internet Explorer
[2005/05/21 10:39:03 | 000,000,000 | -H-D | M] -- C:\Program Files\InterVideo
[2010/08/28 06:23:48 | 000,000,000 | -H-D | M] -- C:\Program Files\iPod
[2006/02/19 07:54:39 | 000,000,000 | -H-D | M] -- C:\Program Files\IrfanView
[2010/08/28 06:24:42 | 000,000,000 | -H-D | M] -- C:\Program Files\iTunes
[2012/01/15 06:56:24 | 000,000,000 | -H-D | M] -- C:\Program Files\Java
[2006/03/07 15:15:03 | 000,000,000 | -H-D | M] -- C:\Program Files\JLIP VideoCapture3.1
[2008/10/24 12:26:15 | 000,000,000 | -H-D | M] -- C:\Program Files\KAZ (Keyboard A-Z)
[2009/01/31 13:39:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Kontiki
[2012/03/08 09:23:39 | 000,000,000 | -H-D | M] -- C:\Program Files\Lavasoft
[2006/09/17 11:24:06 | 000,000,000 | -H-D | M] -- C:\Program Files\Logitech
[2012/04/18 03:50:31 | 000,000,000 | -H-D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/21 16:43:00 | 000,000,000 | -H-D | M] -- C:\Program Files\McAfee
[2011/03/20 12:45:33 | 000,000,000 | -H-D | M] -- C:\Program Files\McAfee Security Scan
[2008/11/27 10:15:06 | 000,000,000 | -H-D | M] -- C:\Program Files\Messenger
[2005/05/21 10:39:51 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft ActiveSync
[2005/05/21 10:40:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft AutoRoute
[2008/03/22 17:14:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2005/05/21 10:12:43 | 000,000,000 | -H-D | M] -- C:\Program Files\microsoft frontpage
[2007/05/22 10:30:12 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Money 2005
[2010/06/07 13:02:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Office
[2005/05/21 10:40:05 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Works
[2005/05/21 10:39:15 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Works Suite 2005
[2006/11/03 12:02:02 | 000,000,000 | -H-D | M] -- C:\Program Files\Motorola Phone Tools
[2006/10/15 12:25:15 | 000,000,000 | -H-D | M] -- C:\Program Files\MOVAVI
[2010/08/11 15:42:04 | 000,000,000 | -H-D | M] -- C:\Program Files\Movie Maker
[2008/12/25 14:57:08 | 000,000,000 | -H-D | M] -- C:\Program Files\MP3 Player Utilities 4.17
[2010/06/07 13:01:52 | 000,000,000 | -H-D | M] -- C:\Program Files\MSECache
[2005/09/18 15:04:04 | 000,000,000 | -H-D | M] -- C:\Program Files\MSN
[2005/09/17 11:46:01 | 000,000,000 | -H-D | M] -- C:\Program Files\MSN Apps
[2008/11/27 10:20:22 | 000,000,000 | -H-D | M] -- C:\Program Files\MSN Gaming Zone
[2011/06/26 05:15:18 | 000,000,000 | -H-D | M] -- C:\Program Files\MSN Messenger
[2006/11/18 18:42:39 | 000,000,000 | -H-D | M] -- C:\Program Files\MSXML 4.0
[2008/08/11 14:36:46 | 000,000,000 | -H-D | M] -- C:\Program Files\NetMeeting
[2005/11/15 07:32:40 | 000,000,000 | -H-D | M] -- C:\Program Files\Netscape
[2008/01/09 10:43:59 | 000,000,000 | -H-D | M] -- C:\Program Files\Nokia
[2008/02/03 06:47:53 | 000,000,000 | -H-D | M] -- C:\Program Files\OLYMPUS
[2008/08/10 07:31:56 | 000,000,000 | -H-D | M] -- C:\Program Files\Online Services
[2010/12/19 07:57:57 | 000,000,000 | -H-D | M] -- C:\Program Files\Outlook Express
[2008/01/09 10:43:16 | 000,000,000 | -H-D | M] -- C:\Program Files\PC Connectivity Solution
[2010/12/25 10:27:02 | 000,000,000 | -H-D | M] -- C:\Program Files\Philips
[2006/06/23 10:24:59 | 000,000,000 | -H-D | M] -- C:\Program Files\Picture It! Premium 10
[2008/11/27 10:16:56 | 000,000,000 | -H-D | M] -- C:\Program Files\Pinnacle
[2005/10/30 13:35:58 | 000,000,000 | -H-D | M] -- C:\Program Files\PIXELA
[2005/09/13 10:14:43 | 000,000,000 | -H-D | M] -- C:\Program Files\Program Shortcuts
[2011/01/22 07:06:52 | 000,000,000 | -H-D | M] -- C:\Program Files\QuickTime
[2006/04/27 05:21:46 | 000,000,000 | -H-D | M] -- C:\Program Files\QuickZip4
[2005/11/01 15:20:01 | 000,000,000 | -H-D | M] -- C:\Program Files\Real
[2007/12/26 08:17:21 | 000,000,000 | -H-D | M] -- C:\Program Files\Samsung
[2006/12/27 06:19:30 | 000,000,000 | -H-D | M] -- C:\Program Files\SigmaTel
[2008/02/15 07:12:36 | 000,000,000 | -H-D | M] -- C:\Program Files\Skype
[2005/09/15 15:54:17 | 000,000,000 | -H-D | M] -- C:\Program Files\SmartSound Software
[2005/10/30 13:35:04 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony Corporation
[2005/10/17 06:14:49 | 000,000,000 | -H-D | M] -- C:\Program Files\SpeedTouch
[2006/12/29 13:26:40 | 000,000,000 | -H-D | M] -- C:\Program Files\Spybot - Search & Destroy
[2008/07/31 15:47:28 | 000,000,000 | -H-D | M] -- C:\Program Files\Sun
[2008/10/17 10:32:04 | 000,000,000 | -H-D | M] -- C:\Program Files\Tiscali
[2007/02/09 16:30:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Transparent
[2005/05/21 10:15:12 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/03/28 10:33:37 | 000,000,000 | -H-D | M] -- C:\Program Files\WhiteSmoke
[2010/08/10 11:02:51 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Defender
[2008/03/21 06:06:46 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Live
[2007/01/28 17:28:39 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Media Connect 2
[2008/08/11 14:36:39 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Media Player
[2008/08/10 07:31:33 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows NT
[2005/05/21 10:11:26 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2005/05/21 10:12:43 | 000,000,000 | -H-D | M] -- C:\Program Files\xerox
[2007/12/26 08:14:40 | 000,000,000 | -H-D | M] -- C:\Program Files\XviD


< MD5 for: AGP440.SYS >
[2004/08/04 08:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/08/11 14:27:40 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 08:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/08/11 14:27:40 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 08:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/08/11 14:27:40 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 08:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/08/11 14:27:40 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 16:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 08:00:00 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\atapi.sys
[2004/08/03 16:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 08:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/08/11 14:27:40 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2004/08/04 08:00:00 | 018,738,937 | -H-- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:disk.sys
[2008/08/11 14:27:40 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/04 08:00:00 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 08:00:00 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< CREATERESTOREPOINT >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Aut >

< Update\Results\Install | LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet | command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/02/29 08:17:40 | 000,174,080 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/02/29 08:17:40 | 000,174,080 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/02/29 08:17:40 | 000,174,080 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 09:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 09:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Netscape\Netscape Browser\NSSET.exe" HIDE [2005/10/12 14:24:23 | 000,038,923 | -H-- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Netscape\Netscape Browser\NSSET.exe" REGISTER [2005/10/12 14:24:23 | 000,038,923 | -H-- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Netscape\Netscape Browser\NSSET.EXE" SHOW [2005/10/12 14:24:23 | 000,038,923 | -H-- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\shell\open\command\\: C:\PROGRA~1\NETSCAPE\NETSCA~1\NETSCAPE.EXE [2005/10/12 14:20:06 | 000,270,336 | -H-- | M] (Netscape)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\shell\properties\command\\: C:\PROGRA~1\NETSCAPE\NETSCA~1\NETSCAPE.EXE -chrome "chrome://browser/content/pref/pref.xul" [2005/10/12 14:20:06 | 000,270,336 | -H-- | M] (Netscape)

< hklm\software\clients\startmenuinternet | command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/02/29 08:17:40 | 000,174,080 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/02/29 08:17:40 | 000,174,080 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/02/29 08:17:40 | 000,174,080 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 09:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 09:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Netscape\Netscape Browser\NSSET.exe" HIDE [2005/10/12 14:24:23 | 000,038,923 | -H-- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Netscape\Netscape Browser\NSSET.exe" REGISTER [2005/10/12 14:24:23 | 000,038,923 | -H-- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Netscape\Netscape Browser\NSSET.EXE" SHOW [2005/10/12 14:24:23 | 000,038,923 | -H-- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\shell\open\command\\: C:\PROGRA~1\NETSCAPE\NETSCA~1\NETSCAPE.EXE [2005/10/12 14:20:06 | 000,270,336 | -H-- | M] (Netscape)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\netscape.exe\shell\properties\command\\: C:\PROGRA~1\NETSCAPE\NETSCA~1\NETSCAPE.EXE -chrome "chrome://browser/content/pref/pref.xul" [2005/10/12 14:20:06 | 000,270,336 | -H-- | M] (Netscape)

< End of report >

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by Superdave on Sun 29 Apr 2012, 6:06 am

* Open OTL
* Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

Code:
:OTL

O3 - HKU\Anthony_ON_C\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\Anthony_ON_C\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\Dawn_ON_C\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\Lee_ON_C\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\Lee_ON_C\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\Stephen_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Stephen_ON_C\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\Stephen_ON_C\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [BWNgukIRpgkBmLb.exe] C:\Documents and Settings\All Users\Application Data\BWNgukIRpgkBmLb.exe ( )
O4 - HKU\Anthony_ON_C..\Run: [MsnMsgr] File not found
O4 - HKU\Anthony_ON_C..\Run: [MyWebSearch Email Plugin] File not found
O4 - HKU\Dawn_ON_C..\Run: [msnmsgr] File not found
[2012/04/16 14:21:14 | 000,322,560 | -H-- | M] ( ) -- C:\Documents and Settings\All Users\Application Data\BWNgukIRpgkBmLb.exe

:COMMANDS
[resethosts]
[purity]
[start explorer]

* Click Run Fix
* OTLI2 may ask to reboot the machine. Please do so if asked.
* Click OK
* A report will open. Copy and Paste that report in your next reply.

Please let me know if you can boot your computer.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by wildfly73 on Sun 29 Apr 2012, 8:02 am



========== OTL ==========
Registry value HKEY_USERS\Anthony_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry value HKEY_USERS\Anthony_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\Dawn_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry value HKEY_USERS\Lee_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry value HKEY_USERS\Lee_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\Stephen_ON_C\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\Stephen_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\Stephen_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AlcWzrd deleted successfully.
C:\WINDOWS\ALCWZRD.EXE moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BWNgukIRpgkBmLb.exe deleted successfully.
C:\Documents and Settings\All Users\Application Data\BWNgukIRpgkBmLb.exe moved successfully.
Registry value HKEY_USERS\Anthony_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MsnMsgr deleted successfully.
Registry value HKEY_USERS\Anthony_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin deleted successfully.
Registry value HKEY_USERS\Dawn_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr deleted successfully.
File C:\Documents and Settings\All Users\Application Data\BWNgukIRpgkBmLb.exe not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTLPE by OldTimer - Version 3.1.48.0 log created on 04292012_043740

i removed the windows recovery environment cd and booted my computer windows xp opens however no icons appear on desktop and no programes. The only usable options are shut down and restart.
hope this helps
regards
stephen.

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by Superdave on Sun 29 Apr 2012, 9:16 am


  • Please download Unhide by Grinler from here and save it to your desktop.
  • Double click unhide.exe to run the tool.
  • It will take some time to go through all your files, so please be patient.
  • If you still can't see anything on your desktop please let me know.

**************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
************************************************
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Unhide log and reboot info

Post by wildfly73 on Sun 29 Apr 2012, 11:31 pm

Unhide by Lawrence Abrams (Grinler)
[You must be registered and logged in to see this link.]
Copyright 2008-2012 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
[You must be registered and logged in to see this link.]
Program started at: 04/29/2012 10:53:36 AM
Windows Version: Windows XP
Please be patient while your files are made visible again.
Processing the B:\ drive
Finished processing the B:\ drive. 388 files processed.
Processing the C:\ drive
Finished processing the C:\ drive. 162007 files processed.
Processing the D:\ drive
Finished processing the D:\ drive. 0 files processed.
Processing the E:\ drive
Finished processing the E:\ drive. 0 files processed.
Processing the F:\ drive
Finished processing the F:\ drive. 0 files processed.
Processing the G:\ drive
Finished processing the G:\ drive. 0 files processed.
Processing the H:\ drive
Finished processing the H:\ drive. 0 files processed.
The B:\smtmp\ folder does not exist!!
Unhide cannot restore your missing shortcuts!!
Please see this topic in order to learn how to restore default
Start Menu shortcuts: [You must be registered and logged in to see this link.]
Searching for Windows Registry changes made by FakeHDD rogues.
- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
* NoRun policy was found and deleted!
- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Restarting Explorer.exe in order to apply changes.
Program finished at: 04/29/2012 11:01:57 AM
Execution time: 0 hours(s), 8 minute(s), and 21 seconds(s)

After running Unhide iv booted without Win Rec Envi cd. i have my usual icons appearing on the right side of the task bar and are functioning. In the start menu programmes are now showing. However, each folder shows empty except for a folder named SMART HDD which i have not knowingly installed. Within this folder is the option to uninstall, surprisingly. Also there are no short cuts showing on the desk top. I have internet access restored.
Within the start menu Run, my documents, my computer, control panel, ect have not been unhiden.


Last edited by wildfly73 on Mon 30 Apr 2012, 4:36 am; edited 2 times in total (Reason for editing : additional info)

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by Superdave on Mon 30 Apr 2012, 5:16 am

Please run the other scans and post the logs.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by wildfly73 on Mon 30 Apr 2012, 6:20 am

Iv tried running superantispyware (SAS) twice in Windows Recovery Environment. Installation error, file copy error, aborting installation both times. Also tried running SAS without Win Rec Envi. Chose Save to desktop, it did save however no icon appears on the blank desktop and i have no access to the run command bar. Any suggestions appreciated
thanks s

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by Superdave on Mon 30 Apr 2012, 9:20 am

Ok. Let's try this:

Save these instructions so you can have access to them while in Safe Mode.

Please click here to download AVP Tool by Kaspersky.

  • Save it to your desktop.
  • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
  • Double click the setup file to run it.
  • Click Next to continue.
  • Accept the License agreement and click on next.
  • It will, by default, install it to your desktop folder. Click Next.
  • It will then open a box There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.

  • Hidden Startup Objects
  • System Memory
  • Disk Boot Sectors.
  • My Computer.
  • Also any other drives (Removable that you may have)

Leave the rest of the settings as they appear as default.
•Then click on Scan at the to right hand Corner.
•It will automatically Neutralize any objects found.
•If some objects are left un-neutralized then click the button that says Neutralize all
•If it says it cannot be neutralized then choose the delete option when prompted.
•After that is done click on the reports button at the bottom and save it to file name it Kas.
•Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

Note: This tool will self uninstall when you close it so please save the log before closing it.

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by wildfly73 on Mon 30 Apr 2012, 11:19 pm

Hello,

Downloaded kaspersky to desktop. Rebooted computer tapped F8 but still does not enter SafeMode. It instead enters Select Boot Drive. Iv also tried tapping space bar on start up which produces Hardware profile/configuration recovery menu. This allows the selection of hardware profile to be used when windows is started. 1 option shows Profile 1. i dont know what this will do if it is selected so i press escape and XP startup begins.

Iv also tried to download kaspersky in Windows Recovery Environment. It almost installed, however, Disk Clean Up appeared in the final stage of download reporting there is not enough disk space. The option is to delete temp internet files freeing up 479kb. is it ok to go ahead and delete these files?[b]


Last edited by wildfly73 on Tue 01 May 2012, 3:23 am; edited 2 times in total (Reason for editing : further info)

wildfly73

Newbie Surfer
Newbie Surfer

Posts : 32
Joined : 2011-06-21
Operating System : windows xp Home Edition 2002 service pack 3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by Superdave on Tue 01 May 2012, 6:04 am

Ok. What's the status of your computer now? Can you boot in Normal Mode?

Superdave
Tech Staff


Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

View user profile

Back to top Go down

Re: Help required smart repair HDD

Post by Sponsored content Today at 4:35 pm


Sponsored content


Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum