I acquired the SMART HDD virus yesterday. I found several posts on how to fake the virus into submission, and did so. I ran everything that all posts told me too. Malwarebytes, Kapersky TDSSKiller, HitmanPro, tried ComboFix which didn’t work after the scan. I found this site and ran the OTL as instructed. I am posting the logs. SMART HDD is still in the program menu, and has slowed down the starting of the computer big time. Here’s both OTL logs. I have to post in several posts since there’s a 10000 character limit. I also will post RogueKiller and aswMBR logs.
OTL logfile created on: 4/7/2012 11:31:32 AM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Program Files
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 73.84% Memory free
3.84 Gb Paging File | 3.29 Gb Available in Paging File | 85.83% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.47 Gb Total Space | 89.75 Gb Free Space | 61.28% Space Free | Partition Type: NTFS
Computer Name: ALLAN-LAPPY | User Name: Allan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/04/07 11:30:25 | 000,593,920 | ---- | M] (OldTimer Tools) – C:\Program Files\OTL.exe
PRC - [2012/01/31 08:57:32 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) – C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/01/31 08:57:06 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) – C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/01/31 08:56:50 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) – C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/01/31 08:56:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) – C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/01/13 07:20:00 | 000,041,296 | ---- | M] (AOL Inc.) – C:\Program Files\AOL Desktop 9.6\waol.exe
PRC - [2011/01/13 07:19:58 | 000,045,392 | ---- | M] (AOL Inc.) – C:\Program Files\AOL Desktop 9.6\shellmon.exe
PRC - [2010/11/22 18:19:45 | 002,201,936 | ---- | M] (AOL Inc.) – C:\Program Files\AOL Desktop 9.6\AOLBrowser\aolbrowser.exe
PRC - [2010/10/18 15:08:40 | 000,039,240 | ---- | M] (AOL Inc.) – C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) – C:\Program Files\Common Files\aol\1272640394\ee\aolsoftware.exe
PRC - [2010/01/21 16:24:08 | 000,110,592 | ---- | M] (WDC) – C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) – C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe
PRC - [2007/05/14 14:23:32 | 001,191,936 | ---- | M] (Dell Inc) – C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/05/06 18:10:52 | 000,405,504 | ---- | M] (SigmaTel, Inc.) – C:\WINDOWS\stsystra.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) – C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R— | M] (AOL LLC) – C:\Program Files\Common Files\aol\acs\AOLacsd.exe
========== Modules (No Company Name) ==========
MOD - [2012/02/15 17:12:02 | 000,212,992 | ---- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\11dcb806c92f55111f5fa9f1a90e3bdd\System.ServiceProcess.ni.dll
MOD - [2012/02/15 17:10:16 | 000,971,264 | ---- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012/02/15 11:39:53 | 005,450,752 | ---- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012/02/15 11:36:04 | 007,953,408 | ---- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012/02/14 19:23:42 | 000,303,104 | ---- | M] () – C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/01/31 08:57:08 | 000,398,288 | ---- | M] () – C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/10/13 17:31:19 | 011,490,816 | ---- | M] () – C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () – C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () – C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/13 07:20:01 | 000,048,640 | ---- | M] () – C:\Program Files\AOL Desktop 9.6\zlib.dll
MOD - [2011/01/13 07:19:49 | 000,094,208 | ---- | M] () – C:\Program Files\AOL Desktop 9.6\components\Tier2Svc.dll
MOD - [2011/01/13 07:19:49 | 000,060,928 | ---- | M] () – C:\Program Files\AOL Desktop 9.6\components\DataSvcs.dll
MOD - [2009/01/09 17:10:52 | 000,139,264 | ---- | M] () – C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
MOD - [2007/05/14 14:24:00 | 000,098,304 | ---- | M] () – C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2007/03/16 18:10:54 | 000,086,016 | ---- | M] () – C:\WINDOWS\system32\preflib.dll
MOD - [2007/03/16 18:10:48 | 000,757,760 | ---- | M] () – C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2005/10/13 13:53:36 | 000,090,223 | ---- | M] () – C:\Program Files\Dell\QuickSet\preflibcl.dll
MOD - [2002/11/26 13:43:18 | 000,106,496 | ---- | M] () – C:\WINDOWS\system32\BrMuSNMP.dll