GeekPolice
Would you like to react to this message? Create an account in a few clicks or log in to continue.

GeekPoliceLog in

 


Hard Drive Diagnostic

2 posters

descriptionHard Drive Diagnostic EmptyHard Drive Diagnostic6th December 2010, 11:28 pm

more_horiz
It has taken over my co- workers computer here trying to figure out how to fix pretty much we ran malware bytes and rebooted and it's still bugging her computer now all her desktop icons are gone and black screen any new ideas? Thanks

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic7th December 2010, 12:34 am

more_horiz
Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic7th December 2010, 12:43 am

more_horiz
alrite give me a few thanks

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic7th December 2010, 12:53 am

more_horiz
OTL logfile created on: 12/6/2010 4:49:24 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\jennifer.DGYT6CC1\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 227.00 Mb Available Physical Memory | 22.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.44 Gb Total Space | 56.02 Gb Free Space | 75.25% Space Free | Partition Type: NTFS
Drive F: | 931.50 Gb Total Space | 874.24 Gb Free Space | 93.85% Space Free | Partition Type: NTFS
Drive G: | 931.50 Gb Total Space | 874.24 Gb Free Space | 93.85% Space Free | Partition Type: NTFS

Computer Name: DGYT6CC1 | User Name: jennifer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/06 16:48:51 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jennifer.DGYT6CC1\Desktop\OTL.exe
PRC - [2010/12/06 15:16:25 | 000,357,376 | ---- | M] (HDD Corporation) -- C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\298734.exe
PRC - [2010/12/06 13:49:39 | 000,448,000 | ---- | M] (MEDIA Corporation) -- C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\IGwqNKmplw.exe
PRC - [2010/11/24 09:32:26 | 002,069,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/11/24 09:31:29 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/10/05 07:37:01 | 000,116,104 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010/09/27 13:47:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/09/23 08:04:37 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/15 09:02:11 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/15 09:02:09 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/07/15 09:02:03 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/03 14:09:34 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2007/08/03 14:09:34 | 000,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2007/07/27 07:48:19 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006/12/01 17:00:30 | 000,802,816 | ---- | M] () -- c:\Program Files\Symmetricom\SymmTime\SymmTime.exe
PRC - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/08/28 19:57:12 | 000,395,776 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2006/03/17 15:25:16 | 000,065,536 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
PRC - [2006/01/02 15:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/11/09 15:34:10 | 000,294,912 | ---- | M] () -- C:\Program Files\MMTaskbar\MultiMon.exe
PRC - [2005/01/07 17:30:56 | 000,864,256 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe
PRC - [2004/04/14 14:46:50 | 000,057,393 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2003/04/18 18:06:26 | 000,008,192 | ---- | M] () -- C:\WINDOWS\system32\srvany.exe
PRC - [1999/09/30 21:31:38 | 000,869,376 | ---- | M] (Fred's Software) -- C:\Program Files\PrintKey2000\Printkey2000.exe


========== Modules (SafeList) ==========

MOD - [2010/12/06 16:48:51 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jennifer.DGYT6CC1\Desktop\OTL.exe
MOD - [2010/08/23 08:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2003/09/02 14:15:16 | 000,057,344 | ---- | M] () -- C:\Program Files\MMTaskbar\shellhook.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/10/05 07:37:01 | 000,116,104 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/09/27 13:47:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/07/15 09:02:09 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2007/08/03 14:09:34 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2006/11/03 18:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/03/17 15:25:16 | 000,065,536 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)
SRV - [2003/04/18 18:06:26 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\srvany.exe -- (symmtime)


========== Driver Services (SafeList) ==========

DRV - [2010/10/05 07:36:43 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/07/15 09:02:13 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/07/15 09:02:05 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/06/02 08:23:37 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2008/10/31 09:49:49 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/10/31 09:49:34 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/04/13 10:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 10:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 08:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/08/28 00:28:56 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/07/05 12:08:28 | 000,241,152 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006/06/07 13:08:58 | 001,580,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/03/17 15:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2006/01/10 09:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2004/10/15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004/09/29 03:24:38 | 000,051,712 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrSerIf.sys -- (BrSerIf)
DRV - [2004/08/03 20:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/06/26 13:22:00 | 000,006,016 | ---- | M] (RDV Soft) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vnccom.SYS -- (vnccom)
DRV - [2004/06/26 13:22:00 | 000,004,736 | ---- | M] (RDV Soft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vncdrv.sys -- (vncdrv)
DRV - [2004/01/10 04:28:18 | 000,011,648 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2003/04/24 14:21:50 | 000,006,025 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2001/12/19 11:45:00 | 000,008,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\VCdRom.sys -- (vcdrom)
DRV - [2001/08/17 12:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 12:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 12:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 12:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 12:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 11:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 11:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 11:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 11:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 11:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 11:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 11:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 11:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 11:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 11:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3070108
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3070108

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3070108
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370



O1 HOSTS File: ([2004/08/04 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (CMSIEHlprObj Class) - {F78FB3B6-93BF-4423-BE42-ED1D89D9F637} - C:\WINDOWS\system32\HawkWebFiller.dll (HawkSoft, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (HawkSoft) - {D65F44C8-2F77-4a61-94CC-5D04FB902B78} - C:\WINDOWS\system32\HawkWebFiller.dll (HawkSoft, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (HawkSoft) - {D65F44C8-2F77-4A61-94CC-5D04FB902B78} - C:\WINDOWS\system32\HawkWebFiller.dll (HawkSoft, Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [multimon] C:\Program Files\MMTaskbar\MultiMon.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [printkey] C:\Program Files\PrintKey2000\Printkey2000.exe (Fred's Software)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [298734] C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\298734.exe (HDD Corporation)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [IGwqNKmplw.exe] C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\IGwqNKmplw.exe (MEDIA Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1171582420026 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} http://quicksilver.mercuryinsurance.com/engine/isetup.cab (InstallShield International Setup Player)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/RACtrl.cab (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Domain.local
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 15:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/08/31 09:31:23 | 000,022,016 | ---- | M] () - F:\auto application cover letter.doc -- [ NTFS ]
O32 - AutoRun File - [2006/08/11 13:33:59 | 000,033,792 | ---- | M] () - F:\Automobile Quote Sheet.doc -- [ NTFS ]
O32 - AutoRun File - [2006/09/26 10:29:37 | 000,029,184 | ---- | M] () - F:\Automobile Quote Sheet1and1.doc -- [ NTFS ]
O32 - AutoRun File - [2006/08/11 13:59:57 | 000,033,792 | ---- | M] () - F:\Automobile Quote Sheet2and2.doc -- [ NTFS ]
O32 - AutoRun File - [2006/08/11 13:59:07 | 000,038,400 | ---- | M] () - F:\Automobile Quote Sheet4and4.doc -- [ NTFS ]
O32 - AutoRun File - [2000/08/31 15:20:26 | 000,019,968 | ---- | M] () - F:\AUTOTHANKYOU.doc -- [ NTFS ]
O32 - AutoRun File - [2007/08/31 09:31:23 | 000,022,016 | ---- | M] () - G:\auto application cover letter.doc -- [ NTFS ]
O32 - AutoRun File - [2006/08/11 13:33:59 | 000,033,792 | ---- | M] () - G:\Automobile Quote Sheet.doc -- [ NTFS ]
O32 - AutoRun File - [2006/09/26 10:29:37 | 000,029,184 | ---- | M] () - G:\Automobile Quote Sheet1and1.doc -- [ NTFS ]
O32 - AutoRun File - [2006/08/11 13:59:57 | 000,033,792 | ---- | M] () - G:\Automobile Quote Sheet2and2.doc -- [ NTFS ]
O32 - AutoRun File - [2006/08/11 13:59:07 | 000,038,400 | ---- | M] () - G:\Automobile Quote Sheet4and4.doc -- [ NTFS ]
O32 - AutoRun File - [2000/08/31 15:20:26 | 000,019,968 | ---- | M] () - G:\AUTOTHANKYOU.doc -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/06 16:48:41 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jennifer.DGYT6CC1\Desktop\OTL.exe
[2010/11/10 08:49:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jennifer.DGYT6CC1\Application Data\Malwarebytes
[2010/11/10 08:48:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/10 08:48:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/10 08:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/10 08:48:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/06 16:48:51 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jennifer.DGYT6CC1\Desktop\OTL.exe
[2010/12/06 16:44:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/06 16:43:57 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/12/06 16:41:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/06 16:41:09 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/06 16:40:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/06 16:40:47 | 1071,235,072 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/06 15:11:56 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At61.job
[2010/12/06 15:11:56 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2010/12/06 15:11:56 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/12/06 14:17:59 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At62.job
[2010/12/06 13:54:53 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\Desktop\HDD Diagnostic.lnk
[2010/12/06 13:54:07 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At60.job
[2010/12/06 13:54:07 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At59.job
[2010/12/06 13:54:07 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At58.job
[2010/12/06 13:54:07 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At57.job
[2010/12/06 13:54:07 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At56.job
[2010/12/06 13:54:07 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2010/12/06 13:54:07 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2010/12/06 13:54:07 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2010/12/06 13:54:07 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2010/12/06 13:54:07 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2010/12/06 13:54:07 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2010/12/06 13:54:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/12/06 13:54:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/12/06 13:54:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/12/06 13:54:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/12/06 13:54:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/12/06 13:54:07 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/12/06 13:17:01 | 000,000,167 | ---- | M] () -- C:\WINDOWS\POLICYW.INI
[2010/12/06 08:25:57 | 068,569,954 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/12/06 08:23:59 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\Desktop\Microsoft Office Outlook 2003.lnk
[2010/12/04 19:39:25 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2010/12/04 19:33:27 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At66.job
[2010/12/04 19:33:27 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At65.job
[2010/12/04 19:33:27 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At63.job
[2010/12/04 19:33:27 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2010/12/04 19:33:27 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2010/12/04 19:33:27 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/12/04 19:33:27 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/12/04 16:50:21 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2010/12/04 16:24:17 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At64.job
[2010/12/04 16:24:16 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2010/12/04 16:24:16 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/12/04 16:24:16 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/12/04 16:24:16 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/12/03 09:50:27 | 000,004,712 | -H-- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\maxdesk.ini
[2010/12/03 09:49:21 | 001,339,617 | -H-- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\PPThumbs.ptn
[2010/12/03 09:49:21 | 000,074,072 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Friday, December 03, 2010.pdf
[2010/12/03 09:48:24 | 000,002,243 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\Desktop\PaperPort.lnk
[2010/12/03 07:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At55.job
[2010/12/03 07:37:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2010/12/03 07:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/12/03 06:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At52.job
[2010/12/03 06:37:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2010/12/03 06:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/12/03 05:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At54.job
[2010/12/03 05:37:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2010/12/03 05:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/12/03 04:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At53.job
[2010/12/03 04:37:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2010/12/03 04:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/12/03 03:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At51.job
[2010/12/03 03:37:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2010/12/03 03:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/12/03 02:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At50.job
[2010/12/03 02:37:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/12/03 01:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2010/12/03 01:37:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2010/12/03 01:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/12/03 00:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At49.job
[2010/12/03 00:37:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2010/12/03 00:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/12/02 23:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At71.job
[2010/12/02 23:37:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2010/12/02 23:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/12/02 22:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At70.job
[2010/12/02 22:37:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2010/12/02 22:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/12/02 21:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At69.job
[2010/12/02 21:37:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2010/12/02 21:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/12/02 20:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At68.job
[2010/12/02 20:37:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2010/12/02 20:23:00 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/12/02 19:56:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At67.job
[2010/12/01 10:02:39 | 000,103,367 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Wednesday, December 01, 2010.pdf
[2010/11/30 14:59:32 | 000,167,990 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 30, 2010 (2).pdf
[2010/11/30 10:56:52 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\u45 letter.doc
[2010/11/30 09:40:23 | 000,258,530 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 30, 2010.pdf
[2010/11/29 16:02:57 | 000,074,103 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 29, 2010 (5).pdf
[2010/11/29 14:36:48 | 000,575,689 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 29, 2010 (4).pdf
[2010/11/29 14:35:52 | 000,147,017 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 29, 2010 (3).pdf
[2010/11/29 14:35:26 | 000,277,391 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 29, 2010 (2).pdf
[2010/11/29 11:16:56 | 000,175,180 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 29, 2010.pdf
[2010/11/24 12:52:06 | 000,355,509 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Wednesday, November 24, 2010.pdf
[2010/11/23 16:17:21 | 000,240,053 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 23, 2010 (3).pdf
[2010/11/23 16:02:19 | 000,229,768 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 23, 2010 (2).pdf
[2010/11/23 15:50:16 | 000,234,507 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 23, 2010.pdf
[2010/11/23 09:19:28 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\BEAUTICIANSPROF. LIABILITY RENEWAL LTR
[2010/11/22 09:09:05 | 000,484,752 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 22, 2010 (2).pdf
[2010/11/22 09:08:41 | 000,157,082 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 22, 2010.pdf
[2010/11/19 09:51:13 | 000,586,658 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Friday, November 19, 2010.pdf
[2010/11/16 14:00:09 | 000,585,231 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\MUMMIES.pdf
[2010/11/16 10:12:13 | 000,069,169 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 16, 2010 (2).pdf
[2010/11/16 10:10:09 | 000,374,248 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 16, 2010.pdf
[2010/11/11 14:28:19 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\brians doc.doc
[2010/11/11 13:45:38 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\brians doc (3).doc
[2010/11/11 12:53:08 | 000,370,181 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Thursday, November 11, 2010 (2).pdf
[2010/11/11 11:29:22 | 000,109,168 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Thursday, November 11, 2010.pdf
[2010/11/11 08:25:53 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/11/10 15:10:25 | 000,358,924 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Wednesday, November 10, 2010 (2).pdf
[2010/11/10 11:45:32 | 000,118,496 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Wednesday, November 10, 2010.pdf
[2010/11/10 08:49:01 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/09 16:21:02 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\Application Data\install
[2010/11/09 16:16:45 | 000,000,246 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\Application Data\ssdfsfs.bat
[2010/11/08 12:59:20 | 000,084,998 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 08, 2010.pdf
[2010/11/08 08:27:50 | 000,467,382 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/08 08:27:50 | 000,080,154 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/06 13:54:53 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\Desktop\HDD Diagnostic.lnk
[2010/12/03 09:49:20 | 000,074,072 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Friday, December 03, 2010.pdf
[2010/12/01 10:02:39 | 000,103,367 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Wednesday, December 01, 2010.pdf
[2010/11/30 14:59:31 | 000,167,990 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 30, 2010 (2).pdf
[2010/11/30 10:11:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At71.job
[2010/11/30 10:11:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At70.job
[2010/11/30 10:11:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At69.job
[2010/11/30 10:11:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At68.job
[2010/11/30 10:11:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At67.job
[2010/11/30 10:11:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At66.job
[2010/11/30 10:11:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At65.job
[2010/11/30 10:11:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At64.job
[2010/11/30 10:11:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At63.job
[2010/11/30 10:11:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At62.job
[2010/11/30 10:11:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At61.job
[2010/11/30 10:11:48 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At60.job
[2010/11/30 10:11:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At59.job
[2010/11/30 10:11:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At58.job
[2010/11/30 10:11:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At57.job
[2010/11/30 10:11:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At56.job
[2010/11/30 10:11:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At55.job
[2010/11/30 10:11:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At54.job
[2010/11/30 10:11:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At53.job
[2010/11/30 10:11:47 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At52.job
[2010/11/30 10:11:46 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At51.job
[2010/11/30 10:11:46 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At50.job
[2010/11/30 10:11:46 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At49.job
[2010/11/30 10:11:46 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\At48.job
[2010/11/30 09:40:22 | 000,258,530 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 30, 2010.pdf
[2010/11/29 16:02:56 | 000,074,103 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 29, 2010 (5).pdf
[2010/11/29 14:36:48 | 000,575,689 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 29, 2010 (4).pdf
[2010/11/29 14:35:52 | 000,147,017 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 29, 2010 (3).pdf
[2010/11/29 14:35:26 | 000,277,391 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 29, 2010 (2).pdf
[2010/11/29 11:16:55 | 000,175,180 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 29, 2010.pdf
[2010/11/24 12:52:05 | 000,355,509 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Wednesday, November 24, 2010.pdf
[2010/11/23 16:17:21 | 000,240,053 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 23, 2010 (3).pdf
[2010/11/23 16:02:19 | 000,229,768 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 23, 2010 (2).pdf
[2010/11/23 15:50:16 | 000,234,507 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 23, 2010.pdf
[2010/11/22 09:09:04 | 000,484,752 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 22, 2010 (2).pdf
[2010/11/22 09:08:40 | 000,157,082 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 22, 2010.pdf
[2010/11/19 09:51:12 | 000,586,658 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Friday, November 19, 2010.pdf
[2010/11/16 14:00:09 | 000,585,231 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\MUMMIES.pdf
[2010/11/16 10:12:13 | 000,069,169 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 16, 2010 (2).pdf
[2010/11/16 10:10:08 | 000,374,248 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Tuesday, November 16, 2010.pdf
[2010/11/11 12:53:07 | 000,370,181 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Thursday, November 11, 2010 (2).pdf
[2010/11/11 11:29:22 | 000,109,168 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Thursday, November 11, 2010.pdf
[2010/11/10 15:10:24 | 000,358,924 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Wednesday, November 10, 2010 (2).pdf
[2010/11/10 11:45:31 | 000,118,496 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Wednesday, November 10, 2010.pdf
[2010/11/10 08:49:01 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/10 08:40:26 | 1071,235,072 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/09 16:21:02 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\Application Data\install
[2010/11/09 16:16:50 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At47.job
[2010/11/09 16:16:50 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2010/11/09 16:16:50 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2010/11/09 16:16:50 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2010/11/09 16:16:50 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2010/11/09 16:16:50 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2010/11/09 16:16:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2010/11/09 16:16:48 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2010/11/09 16:16:48 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2010/11/09 16:16:48 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2010/11/09 16:16:48 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2010/11/09 16:16:45 | 000,000,246 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\Application Data\ssdfsfs.bat
[2010/11/09 11:11:21 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\brians doc (3).doc
[2010/11/08 12:59:20 | 000,084,998 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Monday, November 08, 2010.pdf
[2010/07/27 12:03:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Application Data\fusioncache.dat
[2008/02/20 17:02:32 | 000,001,537 | ---- | C] () -- C:\WINDOWS\SymmTime.ini
[2008/02/20 11:09:08 | 000,003,277 | ---- | C] () -- C:\WINDOWS\System32\ccleaner.ini
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/09 12:08:04 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007/03/20 09:18:15 | 000,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2007/03/20 09:18:15 | 000,000,050 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2007/03/01 14:13:49 | 000,000,167 | ---- | C] () -- C:\WINDOWS\POLICYW.INI
[2007/02/15 15:36:14 | 000,000,059 | ---- | C] () -- C:\WINDOWS\fsc.INI
[2007/02/15 15:24:15 | 000,000,750 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2007/02/15 15:24:15 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2007/02/15 15:24:13 | 000,000,426 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2007/02/15 15:24:13 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/02/15 15:24:03 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2007/02/15 15:23:59 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2007/02/15 15:22:07 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007/02/15 14:46:38 | 000,000,026 | ---- | C] () -- C:\WINDOWS\cms.INI
[2007/02/15 14:46:14 | 000,000,038 | ---- | C] () -- C:\WINDOWS\MULTICO.INI
[2007/02/15 14:44:47 | 000,001,236 | ---- | C] () -- C:\WINDOWS\LPWFSC.INI
[2007/02/15 14:37:04 | 000,003,751 | ---- | C] () -- C:\WINDOWS\sfs.ini
[2007/01/08 12:55:03 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/01/08 12:51:29 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/01/08 12:29:37 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/11 15:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 15:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 15:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 15:00:45 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004/08/11 15:00:45 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004/08/11 15:00:45 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004/08/11 15:00:45 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004/08/11 15:00:45 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2003/01/07 13:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/03/04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll

========== Files - Unicode (All) ==========
[2010/07/27 12:26:45 | 000,000,000 | ---D | M](C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\?racle) -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Оracle
[2010/07/27 12:26:45 | 000,000,000 | ---D | M](C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\?dobe) -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Αdobe
[2010/07/27 12:26:45 | 000,000,000 | ---D | C](C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\?racle) -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Оracle
[2010/07/27 12:26:45 | 000,000,000 | ---D | C](C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\?dobe) -- C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Αdobe

< End of report >

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic7th December 2010, 12:54 am

more_horiz
OTL Extras logfile created on: 12/6/2010 4:49:24 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\jennifer.DGYT6CC1\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 227.00 Mb Available Physical Memory | 22.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.44 Gb Total Space | 56.02 Gb Free Space | 75.25% Space Free | Partition Type: NTFS
Drive F: | 931.50 Gb Total Space | 874.24 Gb Free Space | 93.85% Space Free | Partition Type: NTFS
Drive G: | 931.50 Gb Total Space | 874.24 Gb Free Space | 93.85% Space Free | Partition Type: NTFS

Computer Name: DGYT6CC1 | User Name: jennifer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071B9AFA-EBE8-4ABF-8F4A-9F92612F517E}" = Broadcom ASF Management Applications
"{0B68BB93-4A9E-4962-A22E-25BEE933AB89}" = FSC Rater CA Workstation
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2CA41BA1-9842-4819-8ABB-76FDC14AB9EA}" = ATI Catalyst Control Center
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{5789DF9D-C32B-4905-8B20-AC47433499BF}" = FSC Rater Component
"{628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0}" = Acrobat.com
"{6E6B8160-B2C8-4F87-B4ED-0851C2001E09}" = Quicksilver
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7E7658A2-CD3F-48A7-93EA-0882BCA4FD2A}" = LogMeIn
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{92FD71D5-ED7E-40B2-8DF3-4B5E6F684367}" = Dell ETS Factory Installation
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5D50E76-FAFB-4608-90D4-DA34F7291F77}" = HawkSoft Components
"{A8AD990E-355A-4413-8647-A9B168978423}_is1" = UltraVNC v1.0.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEE2252C-4035-4B27-8EC6-0B085DD3A413}" = Dell Support 3.2.1
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{EBB02E84-8C51-4881-A933-E42E16CA9A89}" = SymmTime
"{FB64BF25-3593-4E4E-AA85-84AEF1D1475F}" = Broadcom Management Programs
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ATI Display Driver" = ATI Display Driver
"AVG9Uninstall" = AVG Free 9.0
"CCleaner" = CCleaner (remove only)
"CleanUp!" = CleanUp!
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Google Desktop" = Google Desktop
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MultiMon TaskBar_is1" = MultiMon TaskBar 2.1
"NirSoft SniffPass" = NirSoft SniffPass
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PrintKey2000" = PrintKey2000
"SearchAssist" = SearchAssist
"ST6UNST #1" = AgencyStation
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/4/2010 11:39:31 PM | Computer Name = DGYT6CC1 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 12/6/2010 12:20:30 PM | Computer Name = DGYT6CC1 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 12/6/2010 5:54:19 PM | Computer Name = DGYT6CC1 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 12/6/2010 5:54:20 PM | Computer Name = DGYT6CC1 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 12/6/2010 6:18:10 PM | Computer Name = DGYT6CC1 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 12/6/2010 6:18:11 PM | Computer Name = DGYT6CC1 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 12/6/2010 7:12:08 PM | Computer Name = DGYT6CC1 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 12/6/2010 7:12:09 PM | Computer Name = DGYT6CC1 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 12/6/2010 8:41:08 PM | Computer Name = DGYT6CC1 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 12/6/2010 8:41:10 PM | Computer Name = DGYT6CC1 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

[ System Events ]
Error - 12/6/2010 6:18:13 PM | Computer Name = DGYT6CC1 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 12/6/2010 6:33:13 PM | Computer Name = DGYT6CC1 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 29 minutes. NtpClient has no source of accurate
time.

Error - 12/6/2010 7:03:13 PM | Computer Name = DGYT6CC1 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 60 minutes. NtpClient has no source of accurate
time.

Error - 12/6/2010 7:11:59 PM | Computer Name = DGYT6CC1 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring
the volume.

Error - 12/6/2010 7:12:09 PM | Computer Name = DGYT6CC1 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain DOMAIN due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 12/6/2010 7:12:10 PM | Computer Name = DGYT6CC1 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 12/6/2010 7:12:10 PM | Computer Name = DGYT6CC1 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 12/6/2010 8:41:07 PM | Computer Name = DGYT6CC1 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain DOMAIN due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 12/6/2010 8:41:10 PM | Computer Name = DGYT6CC1 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 12/6/2010 8:41:10 PM | Computer Name = DGYT6CC1 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.


< End of report >

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic7th December 2010, 12:55 am

more_horiz
Im leaving work be back in the morning thanks again Thank You!

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic7th December 2010, 1:02 am

more_horiz

Code:

Hello.

Please run [b]OTL.exe[/b].[LIST]
[*][b]Copy the commands with file paths below to the clipboard[/b] by highlighting [b]ALL[/b] of them and [b]pressing CTRL + C[/b] (or, after highlighting, right-click and choose [b]Copy[/b]):

[b]
:OTL
O4 - HKCU..\Run: [298734] C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\298734.exe (HDD Corporation)
O4 - HKCU..\Run: [IGwqNKmplw.exe] C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\IGwqNKmplw.exe (MEDIA Corporation)
[2010/12/06 13:54:53 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\jennifer.DGYT6CC1\Desktop\HDD Diagnostic.lnk
[2010/11/09 16:16:45 | 000,000,246 | ---- | C] () -- C:\Documents and Settings\jennifer.DGYT6CC1\Application Data\ssdfsfs.bat

:files
C:\WINDOWS\tasks\At*.job

:commands
[purity]
[emptytemp]
[reboot]
[/b]

[*] Return to OTL, right click in the [b]"Custom Scans/Fixes"[/b] window (under the light green bar) and choose [b]Paste[/b].

[*]Click the red [b]Run Fix[/b] button.
[*]A fix log in Notepad will appear. [b]Copy the contents of the fix log to the clipboard[/b] by highlighting [b]ALL[/b] of them and [b]pressing CTRL + C[/b] (or, after highlighting, right-click and choose copy), and paste it in your next reply.
[*]Close [b]OTL.exe[/b]
[/LIST]If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose [b]Yes.[/b]

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic7th December 2010, 5:35 pm

more_horiz
All processes killed
Error: Unable to interpret <> in the current context!
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\298734 deleted successfully.
C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\298734.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\IGwqNKmplw.exe deleted successfully.
C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\IGwqNKmplw.exe moved successfully.
C:\Documents and Settings\jennifer.DGYT6CC1\Desktop\HDD Diagnostic.lnk moved successfully.
C:\Documents and Settings\jennifer.DGYT6CC1\Application Data\ssdfsfs.bat moved successfully.
========== FILES ==========
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At10.job moved successfully.
C:\WINDOWS\tasks\At11.job moved successfully.
C:\WINDOWS\tasks\At12.job moved successfully.
C:\WINDOWS\tasks\At13.job moved successfully.
C:\WINDOWS\tasks\At14.job moved successfully.
C:\WINDOWS\tasks\At15.job moved successfully.
C:\WINDOWS\tasks\At16.job moved successfully.
C:\WINDOWS\tasks\At17.job moved successfully.
C:\WINDOWS\tasks\At18.job moved successfully.
C:\WINDOWS\tasks\At19.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At20.job moved successfully.
C:\WINDOWS\tasks\At21.job moved successfully.
C:\WINDOWS\tasks\At22.job moved successfully.
C:\WINDOWS\tasks\At23.job moved successfully.
C:\WINDOWS\tasks\At24.job moved successfully.
C:\WINDOWS\tasks\At25.job moved successfully.
C:\WINDOWS\tasks\At26.job moved successfully.
C:\WINDOWS\tasks\At27.job moved successfully.
C:\WINDOWS\tasks\At28.job moved successfully.
C:\WINDOWS\tasks\At29.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At30.job moved successfully.
C:\WINDOWS\tasks\At31.job moved successfully.
C:\WINDOWS\tasks\At32.job moved successfully.
C:\WINDOWS\tasks\At33.job moved successfully.
C:\WINDOWS\tasks\At34.job moved successfully.
C:\WINDOWS\tasks\At35.job moved successfully.
C:\WINDOWS\tasks\At36.job moved successfully.
C:\WINDOWS\tasks\At37.job moved successfully.
C:\WINDOWS\tasks\At38.job moved successfully.
C:\WINDOWS\tasks\At39.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
C:\WINDOWS\tasks\At40.job moved successfully.
C:\WINDOWS\tasks\At41.job moved successfully.
C:\WINDOWS\tasks\At42.job moved successfully.
C:\WINDOWS\tasks\At43.job moved successfully.
C:\WINDOWS\tasks\At44.job moved successfully.
C:\WINDOWS\tasks\At45.job moved successfully.
C:\WINDOWS\tasks\At46.job moved successfully.
C:\WINDOWS\tasks\At47.job moved successfully.
C:\WINDOWS\tasks\At48.job moved successfully.
C:\WINDOWS\tasks\At49.job moved successfully.
C:\WINDOWS\tasks\At5.job moved successfully.
C:\WINDOWS\tasks\At50.job moved successfully.
C:\WINDOWS\tasks\At51.job moved successfully.
C:\WINDOWS\tasks\At52.job moved successfully.
C:\WINDOWS\tasks\At53.job moved successfully.
C:\WINDOWS\tasks\At54.job moved successfully.
C:\WINDOWS\tasks\At55.job moved successfully.
C:\WINDOWS\tasks\At56.job moved successfully.
C:\WINDOWS\tasks\At57.job moved successfully.
C:\WINDOWS\tasks\At58.job moved successfully.
C:\WINDOWS\tasks\At59.job moved successfully.
C:\WINDOWS\tasks\At6.job moved successfully.
C:\WINDOWS\tasks\At60.job moved successfully.
C:\WINDOWS\tasks\At61.job moved successfully.
C:\WINDOWS\tasks\At62.job moved successfully.
C:\WINDOWS\tasks\At63.job moved successfully.
C:\WINDOWS\tasks\At64.job moved successfully.
C:\WINDOWS\tasks\At65.job moved successfully.
C:\WINDOWS\tasks\At66.job moved successfully.
C:\WINDOWS\tasks\At67.job moved successfully.
C:\WINDOWS\tasks\At68.job moved successfully.
C:\WINDOWS\tasks\At69.job moved successfully.
C:\WINDOWS\tasks\At7.job moved successfully.
C:\WINDOWS\tasks\At70.job moved successfully.
C:\WINDOWS\tasks\At71.job moved successfully.
C:\WINDOWS\tasks\At8.job moved successfully.
C:\WINDOWS\tasks\At9.job moved successfully.
========== COMMANDS ==========
C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Αdobe\Αdobe folder moved successfully.
C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Αdobe folder moved successfully.
C:\Documents and Settings\jennifer.DGYT6CC1\My Documents\Оracle folder moved successfully.

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: jennifer
->Temp folder emptied: 266946322 bytes
->Temporary Internet Files folder emptied: 362994419 bytes
->Java cache emptied: 2523139 bytes
->Flash cache emptied: 193186 bytes

User: jennifer.DGYT6CC1
->Temp folder emptied: 15345154 bytes
->Temporary Internet Files folder emptied: 263277360 bytes
->Java cache emptied: 63349 bytes
->Flash cache emptied: 19591 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49666023 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 1352270 bytes
->Temporary Internet Files folder emptied: 172775 bytes

User: USER
->Temp folder emptied: 188 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 176662150 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 91232406 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 3724022 bytes
RecycleBin emptied: 233915 bytes

Total Files Cleaned = 1,177.00 mb

Error: Unable to interpret <> in the current context!

OTL by OldTimer - Version 3.2.17.3 log created on 12072010_092014

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\~DFA3F4.tmp not found!
File\Folder C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\~DFA5A7.tmp not found!
File\Folder C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\~DFED72.tmp not found!
File\Folder C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\~DFED8F.tmp not found!
File\Folder C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\~DFEE95.tmp not found!
File\Folder C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temp\~DFEEC3.tmp not found!
C:\Documents and Settings\jennifer.DGYT6CC1\Local Settings\Temporary Internet Files\Content.IE5\0DA5H2GV\hard-drive-diagnostic-t25196[1].htm moved successfully.

Registry entries deleted on Reboot...

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic7th December 2010, 5:39 pm

more_horiz
ok everything seems to be running fine no more pop ups but I still cannot see my icons for my desktop Do I just have to adjust my settings again and add them back manually?

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic7th December 2010, 5:44 pm

more_horiz
ok Im trying to recreate my shortcuts to my programs on my desktop and it will not allow...

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic7th December 2010, 11:02 pm

more_horiz
Hello.
We aren't done yet.

  • Download combofix from here
    Link 1
    Link 2

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:

    Hard Drive Diagnostic CF_download_FF

    Hard Drive Diagnostic CF_download_rename

    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.

    Hard Drive Diagnostic Cf410

  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes

    Hard Drive Diagnostic Cf510

  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic7th December 2010, 11:19 pm

more_horiz
I already temp disabled AVG 9.0 as directed but Warning Combo fix cannot run when avg is installed due to avg targeting of combo fixs processes it would be dangerous to continue please uninstall avg or use another tool

is the error I get

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic7th December 2010, 11:54 pm

more_horiz
Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Adobe Reader 9.2
    AVG Free 9.0
    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 11
    Java(TM) 6 Update 2

Now try running Combofix please.

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic8th December 2010, 12:12 am

more_horiz
I cant uninstall AVG it keeps giving me and error Sad tearing

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic9th December 2010, 12:21 am

more_horiz
What's the error say?

descriptionHard Drive Diagnostic EmptyRe: Hard Drive Diagnostic

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum