We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

HJT Log Urget help needed to remove "mywebsearch" virus

124»

Comments

  • 4743hudsonj
    4743hudsonj Posts: 3,298 Forumite
    OTL logfile created on: 06/06/2010 18:54:08 - Run 1
    OTL by OldTimer - Version 3.2.5.3 Folder = C:\Users\Coco\Documents\Downloads
    Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    1,014.00 Mb Total Physical Memory | 222.00 Mb Available Physical Memory | 22.00% Memory free
    2.00 Gb Paging File | 1.00 Gb Available in Paging File | 52.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 220.78 Gb Total Space | 190.17 Gb Free Space | 86.14% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: COCO-NETBOOK
    Current User Name: Coco
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Processes (SafeList) ==========

    PRC - [2010/06/06 18:50:57 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Coco\My Documents\Downloads\OTL.exe
    PRC - [2010/05/18 18:26:23 | 002,397,424 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    PRC - [2009/11/23 06:26:51 | 000,526,320 | ---- | M] (Google Inc.) -- C:\Users\Coco\AppData\Local\Google\Chrome\Application\chrome.exe
    PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/09/26 06:00:52 | 000,429,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\OfficeSAS\OfficeSAS.exe
    PRC - [2009/09/26 06:00:52 | 000,202,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\OfficeSAS\OfficeSASScheduler.exe
    PRC - [2009/08/14 08:12:44 | 000,173,080 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
    PRC - [2009/08/06 05:31:06 | 000,727,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
    PRC - [2009/08/06 05:31:06 | 000,707,104 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
    PRC - [2009/08/06 05:31:02 | 000,440,864 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
    PRC - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2009/07/06 10:47:00 | 007,600,672 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    PRC - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    PRC - [2009/06/10 22:14:57 | 000,323,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
    PRC - [2009/06/05 03:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2009/06/04 15:28:36 | 000,184,320 | ---- | M] (Ours Technology Inc.) -- C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe
    PRC - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Registration\GregHSRW.exe
    PRC - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2009/03/02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2008/12/08 15:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/06/06 18:50:57 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Users\Coco\My Documents\Downloads\OTL.exe
    MOD - [2009/08/06 05:31:32 | 000,215,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell Power Management\SysHook.dll
    MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
    MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
    MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
    MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
    MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
    MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
    MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
    MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
    MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
    MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
    MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
    MOD - [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2009/09/30 01:22:36 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2009/09/26 05:28:22 | 004,639,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
    SRV - [2009/08/06 05:31:06 | 000,727,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
    SRV - [2009/07/21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
    SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
    SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
    SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
    SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
    SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
    SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
    SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
    SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
    SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
    SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
    SRV - [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
    SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
    SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
    SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
    SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
    SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
    SRV - [2009/07/04 02:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
    SRV - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
    SRV - [2009/06/04 14:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Registration\GregHSRW.exe -- (Greg_Service)
    SRV - [2009/05/13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2008/12/08 15:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)


    ========== Driver Services (SafeList) ==========

    DRV - [2010/05/10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2010/02/17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2009/12/11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
    DRV - [2009/12/11 08:20:45 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2009/08/06 03:02:58 | 004,786,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
    DRV - [2009/07/27 08:06:44 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
    DRV - [2009/07/16 12:31:38 | 001,176,064 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2009/07/14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
    DRV - [2009/07/14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
    DRV - [2009/07/14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
    DRV - [2009/07/14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
    DRV - [2009/07/14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
    DRV - [2009/07/14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
    DRV - [2009/07/14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
    DRV - [2009/07/14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
    DRV - [2009/07/14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
    DRV - [2009/07/14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
    DRV - [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
    DRV - [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
    DRV - [2009/07/14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
    DRV - [2009/07/14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
    DRV - [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
    DRV - [2009/07/14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
    DRV - [2009/07/14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2009/07/14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
    DRV - [2009/07/14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
    DRV - [2009/07/14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
    DRV - [2009/07/14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
    DRV - [2009/07/14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
    DRV - [2009/07/14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
    DRV - [2009/07/14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
    DRV - [2009/07/14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
    DRV - [2009/07/14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
    DRV - [2009/07/14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
    DRV - [2009/07/14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
    DRV - [2009/07/14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
    DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
    DRV - [2009/07/14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
    DRV - [2009/07/14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
    DRV - [2009/07/14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
    DRV - [2009/07/14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
    DRV - [2009/07/14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
    DRV - [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
    DRV - [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
    DRV - [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
    DRV - [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
    DRV - [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
    DRV - [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV - [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
    DRV - [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
    DRV - [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
    DRV - [2009/07/14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
    DRV - [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
    DRV - [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
    DRV - [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
    DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV - [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
    DRV - [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\CompositeBus.sys -- (CompositeBus)
    DRV - [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
    DRV - [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
    DRV - [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
    DRV - [2009/07/14 00:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
    DRV - [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
    DRV - [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
    DRV - [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
    DRV - [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV - [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
    DRV - [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
    DRV - [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
    DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
    DRV - [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
    DRV - [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
    DRV - [2009/07/06 10:12:00 | 002,657,120 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2009/06/24 03:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV - [2009/06/18 13:12:34 | 000,212,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
    DRV - [2009/06/05 02:43:16 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
    DRV - [2009/05/11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2009/03/30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
    DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=dots&r=27b511091115l03c4wwl5f4832r228


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    Back by no demand whatsoever.
  • 4743hudsonj
    4743hudsonj Posts: 3,298 Forumite
    IE - HKU\S-1-5-21-163699707-960154182-3390683709-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    IE - HKU\S-1-5-21-163699707-960154182-3390683709-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-163699707-960154182-3390683709-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



    O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [OMEA] C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe (Ours Technology Inc.)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKU\S-1-5-21-163699707-960154182-3390683709-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-163699707-960154182-3390683709-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-163699707-960154182-3390683709-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-163699707-960154182-3390683709-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O10 - NameSpace_Catal!!!\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - C:\Windows\System32\ias [2009/07/14 03:37:08 | 000,000,000 | ---D | M]
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found
    NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
    NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)


    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/06/06 18:03:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2010/06/04 22:20:47 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2010/06/04 22:20:22 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
    [2010/06/04 22:20:15 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
    [2010/06/04 21:48:04 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2010/06/04 21:48:04 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2010/06/04 21:48:04 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2010/06/04 21:47:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010/06/04 21:47:12 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2010/06/04 19:29:02 | 000,000,000 | ---D | C] -- C:\Users\Coco\AppData\Roaming\SUPERAntiSpyware.com
    [2010/06/04 19:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2010/06/04 19:28:52 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2010/06/03 19:36:58 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
    [2010/06/02 20:26:40 | 000,000,000 | ---D | C] -- C:\Users\Coco\AppData\Local\Deployment
    [2010/06/02 20:26:33 | 000,000,000 | ---D | C] -- C:\Users\Coco\AppData\Local\Apps
    [2010/05/27 15:20:25 | 000,000,000 | ---D | C] -- C:\Users\Coco\AppData\Roaming\RGE
    [2010/05/27 15:19:52 | 000,000,000 | ---D | C] -- C:\Program Files\StarterBackgroundChanger
    [2010/05/26 20:58:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2010/05/09 20:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/05/09 20:07:33 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010/05/09 20:07:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2010/05/09 20:07:09 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
    [2010/05/09 20:07:09 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
    [2010/05/09 20:07:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
    [2010/05/09 20:07:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
    [1 C:\Users\Coco\Documents\*.tmp files -> C:\Users\Coco\Documents\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/06/06 18:56:10 | 003,670,016 | -HS- | M] () -- C:\Users\Coco\NTUSER.DAT
    [2010/06/06 18:52:36 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/06/06 18:52:36 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/06/06 18:45:12 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/06/06 18:45:06 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/06/06 18:44:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/06/06 18:44:50 | 797,491,200 | -HS- | M] () -- C:\hiberfil.sys
    [2010/06/06 18:29:07 | 026,465,585 | -H-- | M] () -- C:\Users\Coco\AppData\Local\IconCache.db
    [2010/06/06 18:11:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/06/06 18:09:28 | 000,013,387 | ---- | M] () -- C:\Users\Coco\Desktop\HijackThis - Shortcut.lnk
    [2010/06/04 22:37:25 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
    [2010/06/04 20:53:50 | 000,713,888 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/06/04 20:53:50 | 000,619,642 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/06/04 20:53:50 | 000,107,792 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/06/04 19:28:57 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/06/03 19:36:59 | 000,001,234 | ---- | M] () -- C:\Users\Coco\Desktop\Revo Uninstaller.lnk
    [2010/05/23 22:26:43 | 000,002,182 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
    [2010/05/12 11:21:16 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2010/05/09 20:06:50 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
    [2010/05/09 20:06:50 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
    [2010/05/09 20:06:50 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
    [2010/05/09 20:06:50 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
    [1 C:\Users\Coco\Documents\*.tmp files -> C:\Users\Coco\Documents\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/06/06 18:09:28 | 000,013,387 | ---- | C] () -- C:\Users\Coco\Desktop\HijackThis - Shortcut.lnk
    [2010/06/04 21:48:04 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
    [2010/06/04 21:48:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2010/06/04 21:48:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2010/06/04 21:48:04 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
    [2010/06/04 21:48:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2010/06/04 19:28:57 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/06/03 19:36:59 | 000,001,234 | ---- | C] () -- C:\Users\Coco\Desktop\Revo Uninstaller.lnk
    [2010/05/23 22:26:43 | 000,002,182 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
    [2009/09/30 01:19:01 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
    [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

    ========== Custom Scans ==========


    < %systemroot%\system32\*.dll /lockedfiles >
    [2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
    [2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    < %systemroot%\*. /mp /s >

    < %SYSTEMDRIVE%\*.exe >

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:E1F04E8D
    @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:4D066AD2
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:ABE89FFE
    @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B9176C0
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:93DE1838
    @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:AB689DEA
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:4CF61E54
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:3612C9BE

    < End of report >
    Back by no demand whatsoever.
  • 4743hudsonj
    4743hudsonj Posts: 3,298 Forumite
    OTL Extras logfile created on: 06/06/2010 18:54:08 - Run 1
    OTL by OldTimer - Version 3.2.5.3 Folder = C:\Users\Coco\Documents\Downloads
    Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    1,014.00 Mb Total Physical Memory | 222.00 Mb Available Physical Memory | 22.00% Memory free
    2.00 Gb Paging File | 1.00 Gb Available in Paging File | 52.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 220.78 Gb Total Space | 190.17 Gb Free Space | 86.14% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: COCO-NETBOOK
    Current User Name: Coco
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-163699707-960154182-3390683709-1000\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- C:\Users\Coco\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
    "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
    "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
    "{20140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 (Beta)
    "{20140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 (Beta)
    "{20140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 (Beta)
    "{20140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 (Beta)
    "{20140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 (Beta)
    "{20140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 (Beta)
    "{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta)
    "{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta)
    "{20140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 (Beta)
    "{20140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 (Beta)
    "{20140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 (Beta)
    "{20140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 (Beta)
    "{20140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 (Beta)
    "{20140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)
    "{20140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 (Beta)
    "{20140000-011A-0000-0000-0000000FF1CE}" = Microsoft Office Send-a-Smile
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
    "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
    "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    "{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
    "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
    "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5511C07D-A83C-45AD-92B6-42DF99729A3C}" = Adobe Photoshop Elements 7.0
    "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}" = Video Web Camera
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
    "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117701833}" = Cake Mania Main Street
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{9242564e-02e9-4ea8-9d2d-351f6f728e1c}_is1" = Packard Bell GameZone Console
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9EB6EAE1-5CFC-46F1-9FB9-5FDA335DDE3D}" = Packard Bell XSync
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
    "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
    "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3.2 MUI
    "{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
    "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "CCleaner" = CCleaner
    "Defraggler" = Defraggler
    "Farm Frenzy 2 Deluxe" = Farm Frenzy 2 Deluxe
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "InstallShield_{9EB6EAE1-5CFC-46F1-9FB9-5FDA335DDE3D}" = Packard Bell XSync
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Messenger Plus! Live" = Messenger Plus! Live
    "Office14.SingleImage" = Microsoft Office Professional 2010
    "Packard Bell Registration" = Packard Bell Registration
    "PhotoScape" = PhotoScape
    "Revo Uninstaller" = Revo Uninstaller 1.88
    "Spotify" = Spotify
    "StarterBackgroundChanger" = StarterBackgroundChanger
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "WinLiveSuite_Wave3" = Windows Live Essentials

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-163699707-960154182-3390683709-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 22/04/2010 18:07:01 | Computer Name = Coco-Netbook | Source = MsiInstaller | ID = 11719
    Description =

    Error - 28/04/2010 13:18:12 | Computer Name = Coco-Netbook | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\Program Files\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
    Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
    of attribute "version" in element "assemblyIdentity" is invalid.

    Error - 05/05/2010 11:45:09 | Computer Name = Coco-Netbook | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\Program Files\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
    Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
    of attribute "version" in element "assemblyIdentity" is invalid.

    Error - 06/05/2010 16:51:18 | Computer Name = Coco-Netbook | Source = Application Hang | ID = 1002
    Description = The program iexplore.exe version 8.0.7600.16385 stopped interacting
    with Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: b60 Start
    Time: 01caed5dbb30b528 Termination Time: 250 Application Path: C:\Program Files\Internet
    Explorer\iexplore.exe Report Id: 16b7a68a-5951-11df-9478-002622565389

    Error - 11/05/2010 13:25:17 | Computer Name = Coco-Netbook | Source = Application Error | ID = 1000
    Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
    0x4b09f951 Faulting module name: OLEAUT32.dll, version: 6.1.7600.16385, time stamp:
    0x4a5bdaca Exception code: 0xc0000005 Fault offset: 0x00004660 Faulting process id:
    0xccc Faulting application start time: 0x01caf12eaa022ca1 Faulting application path:
    C:\Users\Coco\AppData\Local\Google\Chrome\Application\chrome.exe Faulting module
    path: C:\Windows\system32\OLEAUT32.dll Report Id: 2a1ef7c6-5d22-11df-821f-002622565389

    Error - 16/05/2010 13:19:02 | Computer Name = Coco-Netbook | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\Program Files\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
    Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
    of attribute "version" in element "assemblyIdentity" is invalid.

    Error - 16/05/2010 13:36:37 | Computer Name = Coco-Netbook | Source = Application Error | ID = 1000
    Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
    0x4b09f951 Faulting module name: cooliris.dll, version: 1.11.0.0, time stamp: 0x4b85e788
    Exception
    code: 0xc0000005 Fault offset: 0x001f1d20 Faulting process id: 0x1278 Faulting application
    start time: 0x01caf51bfc0a3ba8 Faulting application path: C:\Users\Coco\AppData\Local\Google\Chrome\Application\chrome.exe
    Faulting
    module path: C:\Users\Coco\AppData\Local\Google\Chrome\User Data\Default\Extensions\noocneohefmdhonidldnlhaainpiomkp\1.11.7.33611\lib\cooliris.dll
    Report
    Id: 93be85af-6111-11df-9463-002622565389

    Error - 17/05/2010 14:48:52 | Computer Name = Coco-Netbook | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\Program Files\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
    Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
    of attribute "version" in element "assemblyIdentity" is invalid.

    Error - 27/05/2010 11:47:28 | Computer Name = Coco-Netbook | Source = SideBySide | ID = 16842815
    Description = Activation context generation failed for "c:\Program Files\Common
    Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
    Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
    of attribute "version" in element "assemblyIdentity" is invalid.

    Error - 29/05/2010 09:18:49 | Computer Name = Coco-Netbook | Source = Google Update | ID = 20
    Description =

    [ System Events ]
    Error - 08/05/2010 11:54:57 | Computer Name = Coco-Netbook | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    cdrom

    Error - 08/05/2010 18:18:44 | Computer Name = Coco-Netbook | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    cdrom

    Error - 08/05/2010 18:31:33 | Computer Name = Coco-Netbook | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    cdrom

    Error - 08/05/2010 18:38:14 | Computer Name = Coco-Netbook | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    cdrom

    Error - 09/05/2010 14:07:35 | Computer Name = Coco-Netbook | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    cdrom

    Error - 10/05/2010 10:37:41 | Computer Name = Coco-Netbook | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    cdrom

    Error - 10/05/2010 10:43:35 | Computer Name = Coco-Netbook | Source = DCOM | ID = 10005
    Description =

    Error - 10/05/2010 10:43:34 | Computer Name = Coco-Netbook | Source = Service Control Manager | ID = 7038
    Description = The upnphost service was unable to log on as NT AUTHORITY\LocalService
    with the currently configured password due to the following error: %%1352 To ensure
    that the service is configured properly, use the Services snap-in in Microsoft
    Management Console (MMC).

    Error - 10/05/2010 10:43:34 | Computer Name = Coco-Netbook | Source = Service Control Manager | ID = 7000
    Description = The UPnP Device Host service failed to start due to the following
    error: %%1069

    Error - 10/05/2010 13:04:13 | Computer Name = Coco-Netbook | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    cdrom


    < End of report >
    Back by no demand whatsoever.
  • 4743hudsonj
    4743hudsonj Posts: 3,298 Forumite
    Bump bump bump
    Back by no demand whatsoever.
  • The_Grandmaster
    The_Grandmaster Posts: 1,424 Forumite
    Part of the Furniture Combo Breaker
    If I had any idea how to read those logs I would be more than happy to have a look...
  • Thebiker
    Thebiker Posts: 29 Forumite
    Part of the Furniture 10 Posts Combo Breaker
    Them logs look fine no problem there.

    OldTimers tool OTL has now gone public, so you can see how to use and read it at GeekstoGo. just google "geekstogo Oldtimer listit" and it's the first link
  • 4743hudsonj
    4743hudsonj Posts: 3,298 Forumite
    Thebiker wrote: »
    Them logs look fine no problem there.

    OldTimers tool OTL has now gone public, so you can see how to use and read it at GeekstoGo. just google "geekstogo Oldtimer listit" and it's the first link

    Hmmmm so why the ad still on her desktop, all scans turn up fine, no slowdown, keyboard normal again, that ad thing is just a minor annoyance, maybe if i kill some tasks in task manager?
    Back by no demand whatsoever.
  • dogmaryxx
    dogmaryxx Posts: 2,446 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    From reading and trying to understand above log, see if you can access Internet Options from within IE(via tools) or in the control panel.
    Will not help with current problem though.
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Id try resetting the hosts file

    Download HostsXpert
    http://www.softpedia.com/progDownload/Hoster-Download-27041.html
    and then follow the below steps.

    * Unzip HostsXpert.zip
    * It will create a folder named HostsXpert in whatever folder you extract it to.
    * Run HostsXpert.exe by double clicking on it.
    * click the Make Writeable? button.
    * click Restore Microsoft's Hosts File and then click OK.
    * Click the X to exit the program
    :idea:
  • 4743hudsonj
    4743hudsonj Posts: 3,298 Forumite
    dogmaryxx wrote: »
    From reading and trying to understand above log, see if you can access Internet Options from within IE(via tools) or in the control panel.
    Will not help with current problem though.

    Yes i can but no effect on the ad thing

    http://en.wikipedia.org/wiki/Microsoft_Popfly

    thats whats searched, why search a legit site?
    Back by no demand whatsoever.
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 352.5K Banking & Borrowing
  • 253.7K Reduce Debt & Boost Income
  • 454.5K Spending & Discounts
  • 245.5K Work, Benefits & Business
  • 601.5K Mortgages, Homes & Bills
  • 177.6K Life & Family
  • 259.5K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 37.7K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture