Search the Community

Showing results for tags 'xmlka'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Lavasoft - Announcements (Read only)
    • Announcements
  • Product Support
    • adaware antivirus 12
    • Ad-Aware 11
    • adaware ad block & web protection
    • Ad-Aware Web Companion
    • General support
    • Old versions and other Lavasoft products
  • Request a Feature
    • adaware antivirus
    • adaware ad block
  • Malware Removal Help
    • Help with Stubborn Infections
    • Malware Uploads
  • False Positives
    • Report a False Positive
  • Beta Testing
    • Ad-Aware 12 Beta Testing
  • FAQ's
  • Archived Topics
    • Archives: Resolved/Inactive Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 1 result

  1. Good evening, Can you assist please. I seem to have picked up a virus and was getting a lot of messages from Avast with 'xmlka' in them. I ran a full virus check/root check but nothing showed up. I then ran a Malwarebytes and Ad-Aware scan - nothing found. I restored my PC back to a few weeks and the Avast messages seem to have stopped for now, but everything - even basic tasks are running incredibly slowly! Thanks in advance. Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-12-2014 01 Ran by Simon at 2014-12-21 19:51:14 Running from C:\Documents and Settings\Simon\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Ad-Aware Antivirus (Disabled - Up to date) {22CB8761-914A-11CF-B705-00AA0062CBB7} AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: Ad-Aware Firewall (Disabled) {9211320F-6C40-4035-BBDE-3C96ED504F33} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Ad-Aware Antivirus (HKLM\...\{69489131-0E91-491B-9E15-1987CDAD95C6}_AdAwareUpdater) (Version: 11.5.202.7299 - Lavasoft) Ad-Aware Web Companion (Version: 1.1.844.1586 - Lavasoft) Hidden AdAwareInstaller (Version: 11.5.202.7299 - Lavasoft) Hidden AdAwareUpdater (Version: 11.5.202.7299 - Lavasoft) Hidden Adjunct Blaster 1.2 (HKLM\...\Adjunct Blaster_is1) (Version: - StudyLamp Software) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.7.700.202 - Adobe Systems Incorporated) Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated) Adobe Reader 7.1.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A71000000002}) (Version: 7.1.0 - Adobe Systems Incorporated) Adobe Shockwave Player (HKLM\...\Adobe Shockwave Player) (Version: 11 - Adobe Systems, Inc.) Amazon MP3 Downloader 1.0.8 (HKLM\...\Amazon MP3 Downloader) (Version: - ) AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Control Center (HKLM\...\{27B6A08F-4C54-4659-B0CF-47B640B8CA00}) (Version: 1.2.2390.37472 - ) ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.282-060802a-035722C-ATI - ) Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version: - ) Avast Free Antivirus (HKLM\...\avast) (Version: 10.0.2208 - AVAST Software) Belkin Wireless USB Utility (HKLM\...\InstallShield_{A6359CCF-215D-43D9-8366-479D231F2A72}) (Version: 6.3.2.16 - Belkin) Belkin Wireless USB Utility (Version: 6.3.2.16 - Belkin) Hidden Bing Bar (HKLM\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation) BlackBerry Desktop Software 5.0.1 (HKLM\...\BlackBerry_{205A5182-EFC8-4C25-B61D-C164F8FF4048}) (Version: 5.0.1.28 - Research In Motion Ltd.) BlackBerry Desktop Software 5.0.1 (Version: 5.0.1.28 - Research In Motion Ltd.) Hidden BlackBerry® Media Sync (HKLM\...\{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}) (Version: 2.0.28 - Research In Motion) Bluesoleil2.6.0.8 Release 070517 (HKLM\...\{438BB9B4-65FE-4626-91D9-A8F57B18001D}) (Version: 2.6.0.8 Release 070517 - IVT Corporation) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (Version: 70.0.170.000 - Hewlett-Packard) Hidden CA Yahoo! Anti-Spy (remove only) (HKLM\...\cayahooantispy) (Version: - CA, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version: - Microsoft Corporation) CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden D2300 (Version: 70.0.260.000 - Hewlett-Packard) Hidden D2300_Help (Version: 70.0.260.000 - Hewlett-Packard) Hidden Defraggler (HKLM\...\Defraggler) (Version: 1.17 - Piriform) Delta Chrome Toolbar (HKLM\...\Delta Chrome Toolbar) (Version: - Delta) <==== ATTENTION DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden Email Updater (HKLM\...\{2F1E5C4C-B20C-42C3-B5F1-1FE2CA207AFE}) (Version: 1.0.4 - Virgin Media) eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden EZ Label Xpress Lite (HKLM\...\InstallShield_{1DA07BCA-FD11-406E-89A8-5B4496F43FC5}) (Version: 1.00.0000 - EZ MERITLINE) EZ Label Xpress Lite (Version: 1.00.0000 - EZ MERITLINE) Hidden Food Additives 1.0 (HKLM\...\Food Additives) (Version: 1.0 - FinitySoft) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation) HP Customer Participation Program 7.0 (HKLM\...\HPExtendedCapabilities) (Version: 7.0 - HP) HP Imaging Device Functions 7.0 (HKLM\...\HP Imaging Device Functions) (Version: 7.0 - HP) HP Photosmart and Deskjet 7.0 Software (HKLM\...\{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}) (Version: 7.1 - HP) HP Photosmart Essential (HKLM\...\{6994491D-D491-48F1-AE1F-E179C1FFFC2F}) (Version: 1.9.1.3 - HP) HP Software Update (HKLM\...\{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}) (Version: 3.0.7.014 - HEWLET~1|Hewlett-Packard) HP Solution Center 7.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 7.0 - HP) hph_ProductContext (Version: 70.0.260.000 - Hewlett-Packard) Hidden hph_readme (Version: 70.0.260.000 - Hewlett-Packard) Hidden hph_software (Version: 70.0.260.000 - Hewlett-Packard) Hidden hph_software_req (Version: 70.0.260.000 - Hewlett-Packard) Hidden HPPhotoSmartExpress (Version: 70.0.170.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 70.0.170.000 - Hewlett-Packard) Hidden InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.780 - InterVideo Inc.) iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.) J2SE Runtime Environment 5.0 Update 3 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150030}) (Version: 1.5.0.30 - Sun Microsystems, Inc.) Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java 6 Update 2 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.) Java SE Runtime Environment 6 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.) Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden Labtec WebCam Software (HKLM\...\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}) (Version: 8.42.0000 - Labtec, Inc.) Labtec® Camera Driver (HKLM\...\QcDrv) (Version: - ) LAME v3.98.2 for Audacity (HKLM\...\LAME for Audacity_is1) (Version: - ) LavasoftTcpService (Version: 2.2.9.5 - Lavasoft) Hidden MarketResearch (Version: 70.0.170.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2656353) (HKLM\...\M2656353) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2656370) (HKLM\...\M2656370) (Version: - ) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation) Microsoft Creative Writer 2 (HKLM\...\Creative Writer 2) (Version: - ) Microsoft Office 2000 Premium (HKLM\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6361.0 - Microsoft Corporation) Microsoft Office XP Small Business (HKLM\...\{91130409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation) Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version: - ) MSN (HKLM\...\MSNINST) (Version: - ) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation) Nero BurnRights (HKLM\...\Nero BurnRights!UninstallKey) (Version: - ) Nero Digital (HKLM\...\NeroVision!UninstallKey) (Version: - ) Nero OEM (HKLM\...\Nero - Burning Rom!UninstallKey) (Version: - ) NeroVision Express Content (HKLM\...\NVEContent!UninstallKey) (Version: - ) New Star Soccer (HKLM\...\New Star Soccer) (Version: - ) Panda ActiveScan 2.0 (HKLM\...\ActiveScan 2.0) (Version: 01.04.01.0014 - Panda Security) PASSAGE 1995 Edition (Freeware) (HKLM\...\Passage) (Version: - ) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.1 - Google, Inc.) PlayStation®Network Downloader (HKLM\...\{BC4CA8FA-41D2-4B81-8680-E9B7573D6500}) (Version: 1.01.00018 - Sony Computer Entertainment Inc.) PlayStation®Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 1.0.0.10213 - Sony Computer Entertainment Inc.) PrintMaster Gold 4.03 (HKLM\...\PrintMaster Gold 4.03) (Version: - ) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - ) Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden Skype Toolbars (HKLM\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4137 - Skype Technologies S.A.) Skype™ 5.1 (HKLM\...\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}) (Version: 5.1.112 - Skype Technologies S.A.) Software Update for Web Folders (Version: 9.60.6715.0 - Microsoft Corporation) Hidden SolutionCenter (Version: 70.0.170.000 - Hewlett-Packard) Hidden Spotify (HKLM\...\Spotify) (Version: 0.4.3 - ) SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC) Status (Version: 70.0.170.000 - Hewlett-Packard) Hidden Toolbox (Version: 70.0.170.000 - Hewlett-Packard) Hidden TrayApp (Version: 70.0.170.000 - Hewlett-Packard) Hidden Tweak UI (HKLM\...\Tweak UI 2.10) (Version: - ) UK National Lottery Ticket Checker (HKLM\...\UK National Lottery Ticket Checker) (Version: - ) Unload (Version: 7.0.0 - Hewlett-Packard) Hidden Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) VR-1 Game Launcher (HKLM\...\VR-1 Game Launcher) (Version: - ) Web Companion (HKLM\...\{D5116390-5C95-4FEA-A719-78C3C8B5DFB5}_WebCompanion) (Version: 1.1.844.1586 - Lavasoft) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WebReg (Version: 70.0.170.000 - Hewlett-Packard) Hidden Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0018.5 - Microsoft Corporation) Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation) Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0059.1 - Microsoft Corporation) Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - ) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation) WinZip (HKLM\...\WinZip) (Version: 8.1 (4331) - WinZip Computing, Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{156ACF3D-3BB5-328B-8682-CED029D43C01}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{1DB47FBB-7AC1-3880-8AAE-4297395A7876}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{236A05F6-385C-3B02-A1E4-1714BAA11BA0}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{2CCAE74C-424B-3F5B-8CDE-D443542BB33D}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{369E689F-3511-341F-AD83-CCE40620775E}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{86E6A200-3173-31C5-B4A9-206733589FF7}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{8999D250-5337-37A2-890A-50B98505A511}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{93ED95FB-B4EE-399C-AF77-A19F1250A4B8}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{94C900E8-824F-3340-9926-99298FDD976E}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{9B5997C1-125F-39D7-B6F1-2F9F8D862D9D}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{9ED30511-AF2B-3E23-8D7D-CDE7DFD994E7}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{A87ACD9A-94E4-3F0F-A414-228C4B3460BA}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{ABF3F743-D1CA-3D70-B2F8-7259FCD53CFE}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{B334831F-99BC-3DFB-9758-64EE98D92BDE}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{C6DB4841-51DD-33FE-862A-678F9B7FC91C}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{C87166D1-9E22-3D59-85DA-F96CA8A2004B}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS) CustomCLSID: HKU\S-1-5-21-2284049915-3903095038-2347252828-1007_Classes\CLSID\{FD0EBBED-0C42-4D0F-82DA-44399B5C420A}\InprocServer32 -> C:\WINDOWS\system32\mscoree.DLL (Microsoft Corporation) ==================== Restore Points ========================= 21-11-2014 10:10:48 System Checkpoint 22-11-2014 12:58:35 avast! antivirus system restore point 27-11-2014 20:19:52 System Checkpoint 04-12-2014 18:38:05 System Checkpoint 21-12-2014 15:38:57 System Checkpoint 21-12-2014 17:38:05 Restore Operation 21-12-2014 17:56:51 Installed Windows XP KB942288-v3. 21-12-2014 17:57:26 AA11 21-12-2014 18:02:50 LavasoftWeCompanion ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-21 22:44 - 2008-02-17 10:29 - 00224678 ____R C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.1001-search.info 127.0.0.1 1001-search.info 127.0.0.1 www.100888290cs.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 www.10sek.com 127.0.0.1 10sek.com 127.0.0.1 www.123topsearch.com 127.0.0.1 123topsearch.com 127.0.0.1 www.132.com 127.0.0.1 132.com 127.0.0.1 www.136136.net 127.0.0.1 136136.net 127.0.0.1 www.139mm.com 127.0.0.1 139mm.com 127.0.0.1 www.163ns.com 127.0.0.1 163ns.com There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-12-21 17:48 - 2014-12-21 17:48 - 02908160 _____ () C:\Program Files\Alwil Software\Avast5\defs\14122101\algo.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 02562896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareShellExtension.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 02423600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\RCF.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00110432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_filesystem-vc100-mt-1_57.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00022360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_system-vc100-mt-1_57.dll 2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-11-21 20:04 - 2014-11-22 12:59 - 38562088 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll 2012-03-24 19:15 - 2012-03-24 19:15 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_8ed399c6\mscorlib.dll 2012-06-21 08:29 - 2012-06-21 08:29 - 03035136 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_e6857051\system.windows.forms.dll 2012-03-24 19:14 - 2012-03-24 19:14 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_a73297d9\system.dll 2012-03-24 19:15 - 2012-03-24 19:15 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_10607ec5\system.xml.dll 2012-06-21 08:29 - 2012-06-21 08:29 - 00843776 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_7c8b89c2\system.drawing.dll 2014-12-18 14:45 - 2014-12-18 14:45 - 00662544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareService.exe 2014-12-18 15:20 - 2014-12-18 15:20 - 00090456 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_thread-vc100-mt-1_57.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00030040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_chrono-vc100-mt-1_57.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00048480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_date_time-vc100-mt-1_57.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 10552144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareServiceKernel.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00635224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_regex-vc100-mt-1_57.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00580424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareActivation.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00409432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareApplicationUpdater.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00640840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareGamingMode.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00087360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareReset.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00104768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTime.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00760664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareDefinitionsUpdater.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00691560 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareDefinitionsUpdaterScheduler.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00865096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareIgnoreList.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00207688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareQuarantine.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00796504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAntiMalwareEngine.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00174936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAntiRootkitEngine.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00869712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareScannerHistory.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 01018176 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareScanner.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00030552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_timer-vc100-mt-1_57.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00768344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareScannerScheduler.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00857432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareRealTimeProtection.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00190800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareIncompatibles.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00705352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAntiSpam.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00671056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAntiPhishing.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 02364240 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareParentalControl.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 02665296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareWebProtection.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00990032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareEmailProtection.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00046944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_iostreams-vc100-mt-1_57.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00999256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareNetworkProtection.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00766272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwarePromo.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00298824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareFeedback.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 02123608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareThreatWorkAlliance.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00969536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwarePinCode.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00766784 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareNotice.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00759112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareAvcEngine.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00923496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareRealTimeProtectionHistory.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00121664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\SecurityCenter.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 07700288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTray.exe 2014-12-18 15:20 - 2014-12-18 15:20 - 00405848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_locale-vc100-mt-1_57.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 01624896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\HtmlFramework.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00056632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\DllStorage.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00870224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareTrayDefaultSkin.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 00641856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\Localization.dll 2014-12-16 12:08 - 2014-12-16 12:08 - 00070464 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll 2014-12-16 12:08 - 2014-12-16 12:08 - 00171368 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll 2014-12-16 12:08 - 2014-12-16 12:08 - 00089928 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll 2014-12-16 12:10 - 2014-12-16 12:10 - 00041304 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll 2014-12-16 12:08 - 2014-12-16 12:08 - 00015696 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll 2014-12-16 12:08 - 2014-12-16 12:08 - 00039256 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll 2014-12-16 12:08 - 2014-12-16 12:08 - 00015208 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe 2014-12-16 12:08 - 2014-12-16 12:08 - 00012144 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll 2014-12-16 12:08 - 2014-12-16 12:08 - 00032616 _____ () C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 14300480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareDesktop.exe 2014-12-18 15:20 - 2014-12-18 15:20 - 00371056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\boost_program_options-vc100-mt-1_57.dll 2014-12-18 15:20 - 2014-12-18 15:20 - 09416536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.5.202.7299\AdAwareDesktopDefaultSkin.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Belkin Wireless USB Utility.lnk => C:\WINDOWS\pss\Belkin Wireless USB Utility.lnkCommon Startup MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup MSCONFIG\startupfolder: C:^Documents and Settings^David^Start Menu^Programs^Startup^Desktop Manager.lnk => C:\WINDOWS\pss\Desktop Manager.lnkStartup MSCONFIG\startupreg: Alcmtr => ALCMTR.EXE MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BlackBerryAutoUpdate => C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe MSCONFIG\startupreg: High Definition Audio Property Page Shortcut => HDAShCut.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: ISUSPM => "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LogitechVideoRepair => C:\Program Files\Logitech\Video\ISStart.exe MSCONFIG\startupreg: LogitechVideoTray => C:\Program Files\Logitech\Video\LogiTray.exe MSCONFIG\startupreg: LVCOMSX => C:\WINDOWS\system32\LVCOMSX.EXE MSCONFIG\startupreg: Malwarebytes Anti-Malware => C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent MSCONFIG\startupreg: Malwarebytes' Anti-Malware => C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent MSCONFIG\startupreg: NeroFilterCheck => C:\WINDOWS\system32\NeroCheck.exe MSCONFIG\startupreg: QuickTime Task => MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" MSCONFIG\startupreg: SMSERIAL => sm56hlpr.exe MSCONFIG\startupreg: Spotify => "C:\Program Files\Spotify\spotify.exe" /uri spotify:autostart MSCONFIG\startupreg: Spotify Web Helper => "C:\Program Files\Spotify\Data\SpotifyWebHelper.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre6\bin\jusched.exe" MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" MSCONFIG\startupreg: Windows Defender => "C:\Program Files\Windows Defender\MSASCui.exe" -hide ========================= Accounts: ========================== Aaron (S-1-5-21-2284049915-3903095038-2347252828-1010 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Aaron Administrator (S-1-5-21-2284049915-3903095038-2347252828-500 - Administrator - Enabled) David (S-1-5-21-2284049915-3903095038-2347252828-1009 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\David Guest (S-1-5-21-2284049915-3903095038-2347252828-501 - Limited - Enabled) HelpAssistant (S-1-5-21-2284049915-3903095038-2347252828-1006 - Limited - Disabled) Hilary (S-1-5-21-2284049915-3903095038-2347252828-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Hilary Simon (S-1-5-21-2284049915-3903095038-2347252828-1007 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Simon SUPPORT_388945a0 (S-1-5-21-2284049915-3903095038-2347252828-1002 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/21/2014 07:44:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (12/21/2014 07:14:36 PM) (Source: Microsoft Fax) (EventID: 32063) (User: ) Description: Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources. Reinstall Fax service using Repair mode. Win32 error code: 13. This error code indicates the cause of the error. Error: (12/21/2014 05:59:33 PM) (Source: crypt32) (EventID: 11) (User: ) Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error: (12/21/2014 05:59:33 PM) (Source: crypt32) (EventID: 11) (User: ) Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error: (12/21/2014 05:42:50 PM) (Source: Microsoft Fax) (EventID: 32063) (User: ) Description: Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources. Reinstall Fax service using Repair mode. Win32 error code: 13. This error code indicates the cause of the error. Error: (12/21/2014 05:32:53 PM) (Source: Microsoft Fax) (EventID: 32063) (User: ) Description: Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources. Reinstall Fax service using Repair mode. Win32 error code: 13. This error code indicates the cause of the error. Error: (12/21/2014 02:43:16 PM) (Source: Microsoft Fax) (EventID: 32063) (User: ) Description: Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources. Reinstall Fax service using Repair mode. Win32 error code: 13. This error code indicates the cause of the error. Error: (12/21/2014 02:23:58 PM) (Source: Microsoft Fax) (EventID: 32063) (User: ) Description: Fax Service failed to read the archive configuration, possibly due to registry corruption or a lack of system resources. Reinstall Fax service using Repair mode. Win32 error code: 13. This error code indicates the cause of the error. Error: (12/21/2014 00:31:30 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (12/21/2014 00:31:30 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. System errors: ============= Error: (12/21/2014 07:46:53 PM) (Source: DCOM) (EventID: 10001) (User: MORRISPC) Description: Unable to start a DCOM Server: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} as /. The error: "%%2" Happened while starting this command: "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -Embedding Error: (12/21/2014 07:46:20 PM) (Source: DCOM) (EventID: 10001) (User: MORRISPC) Description: Unable to start a DCOM Server: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} as /. The error: "%%2" Happened while starting this command: "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -Embedding Error: (12/21/2014 07:34:46 PM) (Source: DCOM) (EventID: 10001) (User: MORRISPC) Description: Unable to start a DCOM Server: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} as /. The error: "%%2" Happened while starting this command: "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -Embedding Error: (12/21/2014 07:34:14 PM) (Source: DCOM) (EventID: 10001) (User: MORRISPC) Description: Unable to start a DCOM Server: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} as /. The error: "%%2" Happened while starting this command: "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -Embedding Error: (12/21/2014 07:34:11 PM) (Source: DCOM) (EventID: 10001) (User: MORRISPC) Description: Unable to start a DCOM Server: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} as /. The error: "%%2" Happened while starting this command: "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -Embedding Error: (12/21/2014 07:25:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The LavasoftTcpService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (12/21/2014 07:24:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The LavasoftTcpService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (12/21/2014 07:22:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The LavasoftTcpService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (12/21/2014 07:21:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The LavasoftTcpService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (12/21/2014 07:18:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The LavasoftTcpService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Microsoft Office Sessions: ========================= Error: (12/21/2014 07:44:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 Error: (12/21/2014 07:14:36 PM) (Source: Microsoft Fax) (EventID: 32063) (User: ) Description: 13 Error: (12/21/2014 05:59:33 PM) (Source: crypt32) (EventID: 11) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error: (12/21/2014 05:59:33 PM) (Source: crypt32) (EventID: 11) (User: ) Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Error: (12/21/2014 05:42:50 PM) (Source: Microsoft Fax) (EventID: 32063) (User: ) Description: 13 Error: (12/21/2014 05:32:53 PM) (Source: Microsoft Fax) (EventID: 32063) (User: ) Description: 13 Error: (12/21/2014 02:43:16 PM) (Source: Microsoft Fax) (EventID: 32063) (User: ) Description: 13 Error: (12/21/2014 02:23:58 PM) (Source: Microsoft Fax) (EventID: 32063) (User: ) Description: 13 Error: (12/21/2014 00:31:30 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 Error: (12/21/2014 00:31:30 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 ==================== Memory info =========================== Processor: Intel® Pentium® 4 CPU 3.06GHz Percentage of memory in use: 73% Total physical RAM: 447.36 MB Available physical RAM: 116.34 MB Total Pagefile: 1252.36 MB Available Pagefile: 155.05 MB Total Virtual: 2047.88 MB Available Virtual: 1917.86 MB ==================== Drives ================================ Drive c: (468385) (Fixed) (Total:149.05 GB) (Free:96.38 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: CB2C7EC7) Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)