Sorry, couldn't get around to working on this yesterday. I went ahead and "cleaned" with ESET; no apology necessary, but thanks. Not sure what you mean regarding NvCplDaemon and adjusting the video card. I have to use the NVIDIA control panel to fit the screen to my television. I actually have problems getting games to fit the screen still. It cuts things off on the sides and top/bottom. But that may not have anything to do with Daemon.
Here are the FRST and addition logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-12-2016
Ran by poi (administrator) on FLOYD (05-12-2016 13:51:55)
Running from C:\Documents and Settings\poi\Desktop
Loaded Profiles: poi & UpdatusUser (Available Profiles: az & poi & ewq & UpdatusUser & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
() C:\Program Files\USB TV\EM28XX\BDARemote.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17887232 2009-06-25] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1632360 2011-07-05] ()
HKLM\...\Policies\Explorer: [NoComputersNearMe] 0
HKU\S-1-5-21-1123561945-2111687655-725345543-1008\...\Run: [Zoom] => 0
HKU\S-1-5-21-1123561945-2111687655-725345543-1008\...\Policies\Explorer: [NoComputersNearMe] 0
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-11-15] (AVAST Software)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2007-09-11]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BDARemote.lnk [2010-05-26]
ShortcutTarget: BDARemote.lnk -> C:\Program Files\USB TV\EM28XX\BDARemote.exe ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk [2007-09-11]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
GroupPolicy: Restriction ? <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A9B57C27-3A8D-4410-BF03-21FBC3F1992C}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1123561945-2111687655-725345543-1008\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1123561945-2111687655-725345543-1008\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: [S-1-5-21-1123561945-2111687655-725345543-1089] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-15] (AVAST Software)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1269795619093
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-13] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default [2016-12-05]
FF DefaultSearchEngine: C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default -> Google
FF DefaultSearchEngine.US: C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default -> Google
FF Homepage: C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default -> about:blank
FF Extension: (Classic Theme Restorer) - C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-11-30]
FF Extension: (Blur) - C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default\Extensions\donottrackplus@abine.com.xpi [2016-12-01]
FF Extension: (Adblock Plus) - C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-01-14] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-16] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1123561945-2111687655-725345543-1008: @zoom.us/ZoomVideoPlugin -> C:\Documents and Settings\poi\Application Data\Zoom\bin\npzoomplugin.dll [2016-11-09] (Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [270016 2016-11-16] (Adobe Systems Incorporated) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-11-15] (AVAST Software)
S4 Belkin Wireless USB Network Adapter Service; C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe [49152 2004-03-29] () [File not signed]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2255464 2011-08-03] (NVIDIA Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [20747 2007-09-11] (Meetinghouse Data Communications) [File not signed]
S3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4017536 2006-08-18] (Realtek Semiconductor Corp.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2009-06-25] (Creative)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34008 2016-11-15] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [92256 2016-11-15] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2016-11-15] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [60424 2016-11-15] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [735488 2016-11-15] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433768 2016-11-15] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [184592 2016-11-15] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [66688 2016-11-15] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224752 2016-11-15] (AVAST Software)
S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2009-09-30] (Avanquest Software) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 CDRPDACC; C:\Program Files\321Studios\Shared\CDRPDACC.SYS [4633 2002-07-25] (Arrowkey) [File not signed]
S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R2 HPFECP13; C:\WINDOWS\System32\drivers\HPFECP13.SYS [52800 1998-09-25] () [File not signed]
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51056 2003-05-14] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2003-05-14] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21488 2003-05-14] (HP)
R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [44032 2009-07-27] (Atheros Communications, Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2009-06-25] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NTIDrvr; C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys [6912 2007-09-11] (NewTech Infosystems, Inc.) [File not signed]
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R0 nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [54656 2003-06-18] (NVIDIA Corporation) [File not signed]
S3 NVENET; C:\WINDOWS\System32\DRIVERS\NVENET.sys [97280 2003-05-27] (NVIDIA Corporation) [File not signed]
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [123840 2012-04-18] (NVIDIA Corporation)
R0 nv_agp; C:\WINDOWS\System32\DRIVERS\nv_agp.sys [21120 2003-05-27] (NVIDIA Corporation) [File not signed]
R3 Pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [33376 2007-09-11] (VSO Software) [File not signed]
R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [File not signed]
S3 RT73; C:\WINDOWS\System32\DRIVERS\rt73.sys [232192 2005-08-02] (Ralink Technology, Corp.) [File not signed]
S3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation )
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra 2002 Professional\sandra.sys [9600 2001-10-30] (SiSoftware) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [716272 2008-08-15] () [File not signed]
S3 xbreader; C:\WINDOWS\System32\Drivers\xbreader.sys [19677 2001-01-02] (Thesycon GmbH, Germany) [File not signed]
S3 catchme; \??\C:\DOCUME~1\poi\LOCALS~1\Temp\catchme.sys [X]
S3 gdrv; \??\C:\WINDOWS\gdrv.sys [X]
S3 hSONYPVh; \??\C:\DOCUME~1\poi\LOCALS~1\Temp\hSONYPVh.sys [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-05 13:51 - 2016-12-05 13:52 - 00013691 _____ C:\Documents and Settings\poi\Desktop\FRST.txt
2016-12-05 13:51 - 2016-12-05 13:51 - 01761792 _____ (Farbar) C:\Documents and Settings\poi\Desktop\FRST.exe
2016-12-05 13:37 - 2016-12-05 13:37 - 00000000 ____D C:\Documents and Settings\poi\Desktop\FRST-OlderVersion
2016-12-03 16:19 - 2016-12-03 16:24 - 00000913 _____ C:\Documents and Settings\poi\Desktop\SALog.txt
2016-12-03 14:20 - 2016-12-03 14:20 - 00000500 _____ C:\Documents and Settings\poi\Desktop\eset log.txt
2016-12-03 12:26 - 2016-12-03 12:26 - 00000000 ____D C:\Documents and Settings\poi\Local Settings\Application Data\ESET
2016-12-03 12:25 - 2016-12-03 12:25 - 06761600 _____ (ESET spol. s r.o.) C:\Documents and Settings\poi\Desktop\esetonlinescanner_enu.exe
2016-12-01 07:22 - 2016-12-01 07:22 - 00106496 _____ C:\WINDOWS\Minidump\Mini120116-01.dmp
2016-11-30 12:57 - 2016-12-03 12:28 - 00001386 _____ C:\Documents and Settings\poi\Desktop\notes on dt.txt
2016-11-19 10:42 - 2016-11-19 10:42 - 00000178 ___SH C:\Documents and Settings\UpdatusUser\ntuser.ini
2016-11-19 10:42 - 2016-11-19 10:42 - 00000000 ____D C:\Documents and Settings\UpdatusUser
2016-11-19 10:42 - 2013-09-06 14:46 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\temp
2016-11-19 10:42 - 2010-10-22 00:57 - 00000000 __SHD C:\Documents and Settings\UpdatusUser\IETldCache
2016-11-19 10:42 - 2008-07-30 22:56 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Application Data\Macromedia
2016-11-19 10:42 - 2007-09-11 09:42 - 00001609 _____ C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Remote Assistance.lnk
2016-11-19 10:42 - 2007-09-11 09:42 - 00000802 _____ C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Windows Media Player.lnk
2016-11-19 10:42 - 2007-09-11 04:34 - 00000000 ____D C:\Documents and Settings\UpdatusUser\My Documents
2016-11-19 10:41 - 2011-08-03 05:49 - 00600680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\easyupdatusapiu.dll
2016-11-19 10:16 - 2016-11-19 10:18 - 220236624 _____ (NVIDIA Corporation) C:\Documents and Settings\poi\Desktop\361.43-desktop-winxp-32bit-international.exe
2016-11-19 10:06 - 2016-03-19 14:42 - 06253721 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-11-19 10:05 - 2012-05-15 04:18 - 17543168 _____ (NVIDIA Corporation) C:\Documents and Settings\poi\Desktop\nvcompiler.dll
2016-11-19 09:35 - 2016-03-21 21:44 - 17531392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-11-19 09:35 - 2016-03-21 21:44 - 01068600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3236472.dll
2016-11-19 09:35 - 2016-03-21 21:44 - 00925752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3236472.dll
2016-11-19 09:32 - 2016-11-19 09:33 - 214523288 _____ (NVIDIA Corporation) C:\Documents and Settings\poi\Desktop\364.72-desktop-winxp-32bit-international.exe
2016-11-17 11:00 - 2016-11-17 11:00 - 00000000 ____D C:\Documents and Settings\poi\Start Menu\Programs\Zoom
2016-11-16 17:34 - 2016-11-16 17:34 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2016-11-16 17:18 - 2016-11-16 17:20 - 219985952 _____ (NVIDIA Corporation) C:\Documents and Settings\poi\Desktop\368.81-desktop-winxp-32bit-international.exe
2016-11-15 18:42 - 2016-11-15 18:42 - 00000000 ____D C:\Documents and Settings\poi\Application Data\AVAST Software
2016-11-15 18:41 - 2016-11-15 18:41 - 00001689 _____ C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2016-11-15 18:41 - 2016-11-15 18:41 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2016-11-15 18:40 - 2016-12-05 11:39 - 00000310 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-11-15 18:40 - 2016-11-15 18:40 - 00735488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-11-15 18:40 - 2016-11-15 18:40 - 00433768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-11-15 18:40 - 2016-11-15 18:40 - 00224752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-11-15 18:40 - 2016-11-15 18:40 - 00184592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2016-11-15 18:40 - 2016-11-15 18:40 - 00092256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-11-15 18:40 - 2016-11-15 18:40 - 00066688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2016-11-15 18:40 - 2016-11-15 18:40 - 00064272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2016-11-15 18:40 - 2016-11-15 18:40 - 00060424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-11-15 18:40 - 2016-11-15 18:40 - 00034008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-11-15 18:40 - 2016-11-15 18:39 - 00319760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-11-15 18:39 - 2016-11-15 18:39 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-11-15 18:39 - 2016-11-15 18:39 - 00000000 ____D C:\Program Files\AVAST Software
2016-11-15 18:36 - 2016-11-15 18:38 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2016-11-15 18:30 - 2016-11-15 18:30 - 00000000 ____D C:\Documents and Settings\poi\SafeZone Installer
2016-11-15 18:03 - 2016-11-15 18:03 - 00106496 _____ C:\WINDOWS\Minidump\Mini111516-01.dmp
2016-11-15 17:59 - 2016-11-15 17:59 - 00000000 ____D C:\6b02c2329c9154449815253b
2016-11-15 16:52 - 2016-11-19 10:36 - 00000470 _____ C:\WINDOWS\system32\nvAppTimestamps
2016-11-15 15:16 - 2016-11-15 15:16 - 07344400 _____ (AVAST Software) C:\Documents and Settings\poi\Desktop\avastclear.exe
2016-11-15 15:11 - 2016-11-15 18:37 - 06334648 _____ (AVAST Software) C:\Documents and Settings\poi\Desktop\avast_free_antivirus_setup_online.exe
2016-11-15 14:10 - 2016-12-03 12:23 - 00749796 _____ C:\Documents and Settings\poi\Desktop\Minidump.zip
2016-11-15 14:02 - 2016-11-15 14:02 - 00009112 _____ C:\VEW.txt
2016-11-15 13:54 - 2016-11-15 13:54 - 00061440 _____ ( ) C:\Documents and Settings\poi\Desktop\VEW.exe
2016-11-14 16:06 - 2016-11-14 16:06 - 00001116 _____ C:\Documents and Settings\poi\Desktop\MBAM lob 11-14-16b.txt
2016-11-14 16:04 - 2016-11-14 16:04 - 00001116 _____ C:\Documents and Settings\poi\Desktop\MBAM log 11-14-16a.txt
2016-11-14 10:35 - 2016-12-05 13:51 - 00000000 ____D C:\FRST
2016-11-14 10:29 - 2016-11-14 14:50 - 00001115 _____ C:\Documents and Settings\poi\Desktop\mbam log 11-14-16.txt
2016-11-14 09:43 - 2016-11-14 09:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-11-10 22:53 - 2016-11-10 22:53 - 00000005 _____ C:\Documents and Settings\poi\Desktop\nw22560.txt
2016-11-10 11:02 - 2016-11-11 16:17 - 01073664 _____ C:\Documents and Settings\poi\Desktop\B714F600
2016-11-10 11:02 - 2016-11-10 13:16 - 01073664 _____ C:\Documents and Settings\poi\Desktop\2016.10.31.xls
2016-11-10 10:58 - 2016-11-10 10:58 - 00014336 _____ C:\Documents and Settings\poi\My Documents\Book1 (version 1).xls
2016-11-10 10:57 - 2016-11-10 10:57 - 00847102 _____ C:\Documents and Settings\poi\Desktop\2016.10.31.Tables.xlsx
2016-11-10 10:08 - 2016-11-17 10:59 - 17764880 _____ (Microsoft Corporation) C:\Documents and Settings\poi\Desktop\ZoomInstallerXP.exe
2016-11-09 01:08 - 2016-11-09 01:08 - 00106496 _____ C:\WINDOWS\Minidump\Mini110916-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-05 13:52 - 2013-09-06 14:46 - 00000000 ____D C:\Documents and Settings\poi\Local Settings\temp
2016-12-05 13:15 - 2014-10-07 10:28 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-05 12:18 - 2014-04-22 21:07 - 00000260 _____ C:\WINDOWS\Tasks\WGASetup.job
2016-12-05 12:18 - 2014-04-02 00:28 - 00000218 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2016-12-05 11:39 - 2007-09-11 09:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-05 11:39 - 2001-08-23 06:00 - 00002262 _____ C:\WINDOWS\system32\wpa.dbl
2016-12-04 04:34 - 2010-03-12 00:46 - 00000278 ___SH C:\Documents and Settings\poi\ntuser.ini
2016-12-04 04:34 - 2010-03-12 00:46 - 00000000 ____D C:\Documents and Settings\poi
2016-12-04 04:34 - 2007-09-11 09:53 - 00032576 _____ C:\WINDOWS\SchedLgU.Txt
2016-12-03 16:36 - 2010-03-12 00:46 - 00000000 ___RD C:\Documents and Settings\poi\My Documents
2016-12-03 14:35 - 2007-09-11 10:43 - 00002489 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2016-12-01 07:22 - 2011-04-05 14:43 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-30 14:00 - 2012-04-17 00:43 - 00000000 ____D C:\Documents and Settings\poi\Start Menu\Programs\Steam
2016-11-30 13:06 - 2012-04-17 00:12 - 00000000 ____D C:\Program Files\Steam
2016-11-30 12:14 - 2012-07-09 07:57 - 00280388 _____ C:\WINDOWS\system32\nvdrsdb0.bin
2016-11-30 12:14 - 2012-07-09 07:57 - 00000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2016-11-19 11:38 - 2009-07-23 07:07 - 00776228 _____ C:\WINDOWS\ntbtlog.txt
2016-11-19 10:42 - 2012-07-09 07:58 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\NVIDIA
2016-11-19 10:42 - 2012-07-09 07:57 - 00280388 _____ C:\WINDOWS\system32\nvdrsdb1.bin
2016-11-19 10:42 - 2012-07-09 07:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-19 10:42 - 2007-09-11 04:33 - 00000000 ____D C:\Documents and Settings
2016-11-19 10:42 - 2007-09-11 04:30 - 00000000 ___HD C:\WINDOWS\inf
2016-11-19 10:42 - 2007-09-11 04:30 - 00000000 ____D C:\WINDOWS\Help
2016-11-19 10:41 - 2007-09-11 04:30 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-11-19 10:07 - 2007-09-11 15:29 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
2016-11-19 10:05 - 2010-05-27 02:05 - 00000000 ____D C:\Temp
2016-11-19 09:28 - 2007-09-11 04:34 - 00589028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-17 11:00 - 2016-07-22 08:25 - 00000000 ____D C:\Documents and Settings\poi\Application Data\Zoom
2016-11-17 10:59 - 2016-10-28 14:04 - 00133768 _____ (Zoom Video Communications, Inc.) C:\Documents and Settings\poi\Desktop\Zoom_launcher.exe
2016-11-16 16:58 - 2012-04-10 16:12 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-11-16 16:58 - 2011-08-16 19:18 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-11-16 16:57 - 2016-02-20 02:41 - 00000000 ____D C:\Documents and Settings\poi\Desktop\New Folder
2016-11-16 16:57 - 2007-09-11 09:41 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-15 18:00 - 2011-04-04 22:42 - 00000000 ____D C:\Documents and Settings\ewq
2016-11-15 18:00 - 2009-07-23 07:12 - 00000000 ____D C:\Documents and Settings\Administrator
2016-11-15 18:00 - 2007-09-11 09:54 - 00000000 ____D C:\Documents and Settings\az
2016-11-15 18:00 - 2007-09-11 09:53 - 00000000 __SHD C:\Documents and Settings\NetworkService
2016-11-15 18:00 - 2007-09-11 09:53 - 00000000 __SHD C:\Documents and Settings\LocalService
2016-11-15 18:00 - 2007-09-11 09:39 - 00000000 ____D C:\WINDOWS\Registration
2016-11-15 13:44 - 2016-08-22 10:01 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-14 09:44 - 2012-05-03 14:29 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-11-14 09:35 - 2013-09-06 14:46 - 00000000 ____D C:\Documents and Settings\az\Local Settings\temp
2016-11-14 09:35 - 2013-09-06 14:46 - 00000000 ____D C:\Documents and Settings\ewq\Local Settings\temp
2016-11-10 10:58 - 2007-09-11 10:43 - 00002487 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Excel.lnk
2016-11-08 23:43 - 2014-04-02 00:28 - 00000212 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2016-11-08 09:02 - 2016-06-30 16:45 - 00000000 ____D C:\Documents and Settings\poi\My Documents\SPH Climate
2016-11-08 07:48 - 2009-02-19 12:47 - 00000000 ____D C:\Program Files\HLM7Student
2016-11-08 07:48 - 2009-02-19 12:47 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SSI, Inc
2016-11-07 15:40 - 2011-04-04 22:42 - 00000278 ___SH C:\Documents and Settings\ewq\ntuser.ini
2016-11-07 12:16 - 2010-03-13 04:27 - 00000000 ____D C:\Documents and Settings\poi\Application Data\vlc
2016-11-05 14:56 - 2016-11-03 10:31 - 00000000 ____D C:\Documents and Settings\poi\Desktop\Audio
==================== Files in the root of some directories =======
2010-03-12 05:46 - 2012-08-21 10:27 - 0247808 _____ () C:\Documents and Settings\poi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-06-22 17:42 - 2008-08-14 01:12 - 0003276 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Addtion:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-12-2016
Ran by poi (05-12-2016 13:52:24)
Running from C:\Documents and Settings\poi\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) (2007-09-11 15:44:00)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1123561945-2111687655-725345543-500 - Administrator - Enabled) =>
%SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1123561945-2111687655-725345543-1088 - Limited - Enabled)
ewq (S-1-5-21-1123561945-2111687655-725345543-1010 - Administrator - Enabled) =>
%SystemDrive%\Documents and Settings\ewq
Guest (S-1-5-21-1123561945-2111687655-725345543-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1123561945-2111687655-725345543-1000 - Limited - Disabled)
az (S-1-5-21-1123561945-2111687655-725345543-1003 - Administrator - Enabled) =>
%SystemDrive%\Documents and Settings\az
poi (S-1-5-21-1123561945-2111687655-725345543-1008 - Administrator - Enabled) =>
%SystemDrive%\Documents and Settings\poi
SUPPORT_388945a0 (S-1-5-21-1123561945-2111687655-725345543-1002 - Limited - Disabled)
UpdatusUser (S-1-5-21-1123561945-2111687655-725345543-1089 - Limited - Enabled) =>
%SystemDrive%\Documents and Settings\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {7591db91-41f0-48a3-b128-1a293fd8233d}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The
adware programs should be uninstalled manually.)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377
- Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Action Replay XBOX 1.31 (HKLM\...\Action Replay XBOX_is1) (Version: - Datel Design and Development)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 23.0.0.205 - Adobe
Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems
Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 -
Adobe Systems Incorporated)
Alarm Clock v1.0 (HKLM\...\Alarm Clock_is1) (Version: - Moore Design Lmt.)
ATI AVIVO Codecs (HKLM\...\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}) (Version: 10.0.0.40103 - ATI
Technologies Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
Belkin 54g USB Network Adapter (HKLM\...\{38DFF723-C0B1-44AB-A927-62EDB033908F}) (Version: - )
Command & Conquer Red Alert 2 (HKLM\...\Red Alert 2) (Version: - )
Command & Conquer Tiberian Sun (HKLM\...\Tiberian Sun) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE})
(Version: 12.0.6514.5001 - Microsoft Corporation)
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
Deus Ex - Invisible War (HKLM\...\{47BE1E5F-8978-484B-BE86-B616C00EA75A}) (Version: 1.00.0000 - )
Deus Ex (HKLM\...\Deus Ex) (Version: - )
Deus Ex: Game of the Year Edition (HKLM\...\Steam App 6910) (Version: - Ion Storm)
Deus Ex: Human Revolution - The Missing Link (HKLM\...\Steam App 201280) (Version: - Eidos
Montreal)
Deus Ex: Human Revolution (HKLM\...\Steam App 28050) (Version: - Eidos Montreal)
Deus Ex: Revision (HKLM\...\Steam App 397550) (Version: - Ion Storm)
Deus Ex: The Fall (HKLM\...\Steam App 258180) (Version: - Square Enix)
DVD Flick (HKLM\...\DVD Flick_is1) (Version: 1.3.0.0 - )
DVD X Rescue (HKLM\...\DVD X Rescue) (Version: 2.1.0 - 321 Studios) <==== ATTENTION
DVDXCopy Platinum 3.2.1 (HKLM\...\DVDXCopyPlatinum) (Version: - )
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
ffdshow [rev 3200] [2010-01-12] (HKLM\...\ffdshow_is1) (Version: 1.0.0.3200 - )
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000
- Microsoft Corporation)
Hitman: Codename 47 (HKLM\...\Steam App 6900) (Version: - IO Interactive)
HLM 7 for Windows (X86 Student) (HKLM\...\{1D85FF63-55A4-4891-8372-CD891FCA4EDE}) (Version: 7.01 -
SSI, Inc.)
HP DeskJet 710C Series (Remove only) (HKLM\...\HP DeskJet 710C Series) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version:
2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F})
(Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7})
(Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft
Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile)
(Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version:
4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft
Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9})
(Version: 10.0.2627.01 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft
Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d})
(Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c})
(Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
(HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
(HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
(HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
(HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
(HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 -
Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 -
Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 -
Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0
- Microsoft Corporation)
MyProfessionalBusinessCards (HKLM\...\{D3440743-FCC9-4BFC-B630-4EFC0C1A8D44}) (Version: 4.0.0.0 -
Elibrium, LLC)
NTI Backup NOW! 3 (HKLM\...\InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}) (Version: 3.0.53 -
NewTech Infosystems)
NTI Backup NOW! 3 (Version: 3.0.53 - NewTech Infosystems) Hidden
NTI DriveBackup! 3 (HKLM\...\InstallShield_{8FDD2A92-9F75-4706-B8C2-08499A9863E6}) (Version: 3.0 -
NewTech Infosystems)
NTI DriveBackup! 3 (Version: 3.0 - NewTech Infosystems) Hidden
NTI DVD Player (HKLM\...\{D31612BB-C6D7-4142-96AE-16DB062354CF}) (Version: - ArcSoft)
NTI DVD-Maker (Version: 6 - NewTech Infosystems) Hidden
NTI DVD-Maker Gold (HKLM\...\InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}) (Version: 6 -
NewTech Infosystems)
NTI HomeVideo-Maker (HKLM\...\{C7C2B282-DC3C-4837-9DFC-9E3D90DB2C44}) (Version: - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA Graphics Driver 280.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver)
(Version: 280.26 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver)
(Version: 1.3.16.0 - NVIDIA Corporation)
NVIDIA nForce Drivers (HKLM\...\NVIDIA nForce Drivers) (Version: - )
NVIDIA nView 135.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.94
- NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0213
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA
Corporation)
NVIDIA Update 1.4.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version:
1.4.28 - NVIDIA Corporation)
Panda USB Vaccine 1.0.1.4 (HKLM\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda
Security)
QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.28 - Realtek
Semiconductor Corp.)
REALTEK Gigabit and Fast Ethernet NIC Driver (HKLM\...\{94FB906A-CF42-4128-A509-D353026A607E})
(Version: 1.70 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:
5.10.0.5874 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.47 - Piriform)
Return to Castle Wolfenstein (HKLM\...\Return to Castle Wolfenstein) (Version: 1.0 - Activision,
Inc.)
Revo Uninstaller 1.94 (HKLM\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
SafeZone Stable 1.48.2066.98 (Version: 1.48.2066.98 - Avast Software) Hidden
SiSoftware Sandra 2002 Professional (HKLM\...\san_pro_2002) (Version: - )
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
USB Video Driver (HKLM\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 1.00 - EETI)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebFldrs XP (Version: 9.50.5318 - Microsoft Corporation) Hidden
Westwood Shared Internet Components (HKLM\...\WOLAPI) (Version: - )
WinASO Registry Optimizer 3.2 (HKLM\...\WinASO Registry Optimizer 3.2_is1) (Version: - X.M.Y
International LLC)
Windows Driver Package - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0)
(HKLM\...\9722CA1E8F72F362E93CBEC75A707FDABFC8D880) (Version: 08/31/2007 5.7.0831.0 - Advanced Micro
Devices, Inc.)
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)
(HKLM\...\69083DC58646DE46A09847A522A1CC487F918039) (Version: 08/31/2007 5.7.0831.0 - eMPIA
Technology Inc,)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft
Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft
Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft
Corporation)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yahoo! Detect (HKLM\...\YTdetect) (Version: - )
Zoom (HKU\S-1-5-21-1123561945-2111687655-725345543-1008\...\ZoomUMX) (Version: 3.5 - Zoom Video
Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be
moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is
running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST
Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job =>
C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job =>
C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1459987643.job => C:\Program Files\AVAST
Software\SZBrowser\launcher.exe
Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe <==== ATTENTION
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Deus Ex\Deus Ex Web Page.lnk ->
hxxp://www.deusex.com/
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Deus Ex\Eidos Games Web Page.lnk
-> hxxp://www.eidosgames.com/
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Deus Ex\Eidos Interactive Store
Web Page.lnk -> hxxp://www.eidosstore.com/
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Deus Ex\Eidos Interactive Web
Page.lnk -> hxxp://www.eidos.com/
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Deus Ex\Ion Storm Web Page.lnk ->
hxxp://www.ionstorm.com/
Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Deus Ex\Planet Deus Ex Web
Page.lnk -> hxxp://www.planetdeusex.com/
==================== Loaded Modules (Whitelisted) ==============
2016-11-15 18:39 - 2016-11-15 18:39 - 00169064 _____ () C:\Program Files\AVAST
Software\Avast\JsonRpcServer.dll
2016-12-05 11:41 - 2016-12-05 11:41 - 03066880 _____ () C:\Program Files\AVAST
Software\Avast\defs\16120500\algo.dll
2016-11-15 18:39 - 2016-11-15 18:39 - 00482928 _____ () C:\Program Files\AVAST
Software\Avast\ffl2.dll
2016-08-03 21:49 - 2016-01-22 15:56 - 00089008 _____ () C:\WINDOWS\system32\cpwmon2k.dll
1998-09-25 02:56 - 1998-09-25 02:56 - 00048292 _____ () C:\WINDOWS\system32\HPFlpm13.dll
1998-09-25 02:56 - 1998-09-25 02:56 - 00072368 _____ () C:\WINDOWS\system32\HPFCOM13.DLL
1998-09-25 02:56 - 1998-09-25 02:56 - 00033384 _____ () C:\WINDOWS\system32\HPFIOP13.DLL
1998-09-25 02:56 - 1998-09-25 02:56 - 00137232 _____ () C:\WINDOWS\system32\HPFMLC13.dll
1998-09-25 02:56 - 1998-09-25 02:56 - 00057240 _____ () C:\WINDOWS\system32\HPFMEM13.dll
2008-06-22 20:30 - 2016-09-20 00:22 - 00043520 _____ () C:\WINDOWS\system32\CmdLineExt03.dll
2012-07-09 07:58 - 2011-07-05 10:08 - 00355432 _____ () C:\Program Files\NVIDIA
Corporation\nView\nvshell.dll
2016-11-15 18:39 - 2016-11-15 18:39 - 48936448 _____ () C:\Program Files\AVAST
Software\Avast\libcef.dll
2010-05-26 14:20 - 2007-06-26 12:22 - 00081997 _____ () C:\Program Files\USB TV\EM28XX\BDARemote.exe
2008-08-13 23:09 - 2008-04-13 18:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2008-08-13 23:09 - 2013-01-02 00:49 - 01292288 _____ () C:\WINDOWS\System32\quartz.dll
2016-11-16 16:58 - 2016-11-16 16:58 - 19640512 _____ ()
C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell"
value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com
There are 5505 more sites.
IE restricted site: HKU\S-1-5-19\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-19\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-19\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-19\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-19\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-19\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-19\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-19\...\1-extreme.biz -> www.1-extreme.biz
IE restricted site: HKU\S-1-5-19\...\1001-search.info -> www.1001-search.info
IE restricted site: HKU\S-1-5-19\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-19\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-19\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\S-1-5-19\...\132.com -> www.132.com
IE restricted site: HKU\S-1-5-19\...\136136.net -> down.136136.net
IE restricted site: HKU\S-1-5-19\...\139mm.com -> www.139mm.com
IE restricted site: HKU\S-1-5-19\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\S-1-5-19\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\S-1-5-19\...\171203.com -> 171203.com
IE restricted site: HKU\S-1-5-19\...\1800searchonline.com -> www.1800searchonline.com
There are 4003 more sites.
IE restricted site: HKU\S-1-5-20\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-20\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-20\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-20\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-20\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-20\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-20\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-20\...\1-extreme.biz -> www.1-extreme.biz
IE restricted site: HKU\S-1-5-20\...\1001-search.info -> www.1001-search.info
IE restricted site: HKU\S-1-5-20\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-20\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-20\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\S-1-5-20\...\132.com -> www.132.com
IE restricted site: HKU\S-1-5-20\...\136136.net -> down.136136.net
IE restricted site: HKU\S-1-5-20\...\139mm.com -> www.139mm.com
IE restricted site: HKU\S-1-5-20\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\S-1-5-20\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\S-1-5-20\...\171203.com -> 171203.com
IE restricted site: HKU\S-1-5-20\...\1800searchonline.com -> www.1800searchonline.com
There are 4003 more sites.
IE trusted site: HKU\S-1-5-21-1123561945-2111687655-725345543-1008\...\adobe.com ->
hxxp://get.adobe.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2001-08-23 06:00 - 2012-08-09 10:38 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1123561945-2111687655-725345543-1008\Control Panel\Desktop\\Wallpaper -> C:\Documents
and Settings\poi\Desktop\Dell 1280x1024.bmp
HKU\S-1-5-21-1123561945-2111687655-725345543-1089\Control Panel\Desktop\\Wallpaper -> (None)
DNS Servers: 192.168.1.1
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be
moved unless listed separately.)
StandardProfile\AuthorizedApplications: [C:\Program Files\SiSoftware\SiSoftware Sandra 2002
Professional\sandra.exe] => Disabled:SiSoftware Sandra(tm) Fat Client.
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\Steam.exe] => Enabled:Steam
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\mmc.exe] => Enabled:Microsoft
Management Console
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\dxhrml\dxhrml.exe]
=> Enabled:Deus Ex: Human Revolution - The Missing Link
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\deus ex - human
revolution\dxhr.exe] => Enabled:Deus Ex: Human Revolution
StandardProfile\AuthorizedApplications: [C:\DeusEx\System\DeusEx.exe] => Disabled:DeusEx
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\Hitman Codename
47\Hitman.Exe] => Enabled:Hitman: Codename 47
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\Hitman Codename
47\Setup.exe] => Enabled:Hitman: Codename 47
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\Deus
Ex\System\DeusEx.exe] => Enabled:Deus Ex: Game of the Year Edition
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\Deus Ex The
Fall\DeusEx_steam.exe] => Enabled:Deus Ex: The Fall
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\bin\steamwebhelper.exe] =>
Enabled:Steam Web Helper
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\poi\Application
Data\Zoom\bin\Zoom.exe] => Enabled:Zoom Meetings
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] =>
Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\NVIDIA Corporation\NVIDIA
Updatus\daemonu.exe] => Enabled:Daemonu.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\Deus
Ex\System\Revision.exe] => Enabled:Deus Ex: Revision
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008
==================== Restore Points =========================
11-10-2016 13:09:28 System Checkpoint
13-10-2016 08:46:06 System Checkpoint
16-10-2016 02:05:16 System Checkpoint
18-10-2016 10:43:00 System Checkpoint
13-10-2016 07:30:01 System Checkpoint
18-10-2016 19:48:31 System Checkpoint
20-10-2016 09:36:33 System Checkpoint
22-10-2016 11:12:00 System Checkpoint
24-10-2016 11:03:43 System Checkpoint
24-10-2016 11:29:17 Installed Windows XP Wdf01009.
25-10-2016 13:04:25 System Checkpoint
27-10-2016 11:04:36 System Checkpoint
28-10-2016 17:20:00 System Checkpoint
30-10-2016 16:44:18 System Checkpoint
01-11-2016 11:51:16 System Checkpoint
02-11-2016 23:00:44 System Checkpoint
05-11-2016 06:06:35 System Checkpoint
07-11-2016 08:52:40 System Checkpoint
08-11-2016 09:37:21 System Checkpoint
10-11-2016 08:58:50 System Checkpoint
12-11-2016 05:45:55 System Checkpoint
13-11-2016 06:41:34 System Checkpoint
14-11-2016 10:20:07 System Checkpoint
15-11-2016 15:04:12 System Checkpoint
15-11-2016 15:22:13 Avast reinstall
15-11-2016 15:33:13 avast zoom restore
15-11-2016 15:58:41 Installed Windows XP Wdf01009.
15-11-2016 17:57:50 before wdf01009 restore
15-11-2016 17:58:07 Restore Operation
15-11-2016 18:41:19 Installed Windows XP Wdf01009.
16-11-2016 17:34:42 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
17-11-2016 10:50:55 Software Distribution Service 3.0
18-11-2016 10:13:50 Software Distribution Service 3.0
19-11-2016 09:27:02 Software Distribution Service 3.0
19-11-2016 09:41:09 Update to an unsigned driver
01-12-2016 10:26:19 System Checkpoint
03-12-2016 10:35:43 System Checkpoint
05-12-2016 12:10:27 System Checkpoint
==================== Faulty Device Manager Devices =============
Name: Parallel Device
Description: Parallel Device
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service: HPFECP13
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware
Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/17/2016 11:38:28 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to
compile: System.EnterpriseServices, Version=4.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070020
Error: (11/15/2016 04:48:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application nvsvc32.exe, version 6.14.13.142, faulting module nvapi.dll,
version 6.14.13.2101, fault address 0x000f0094.
Processing media-specific event for [nvsvc32.exe!ws!]
Error: (11/15/2016 04:38:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 47.0.2.6148, faulting module
mozglue.dll, version 47.0.2.6148, fault address 0x0000f03d.
Processing media-specific event for [plugin-container.exe!ws!]
Error: (08/24/2016 11:02:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module
mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
Processing media-specific event for [plugin-container.exe!ws!]
Error: (08/20/2016 12:58:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 2.3.125.0, faulting module msvcr100.dll, version
10.0.40219.325, fault address 0x0008d6fd.
Processing media-specific event for [mbam.exe!ws!]
Error: (06/30/2016 09:01:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module
mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
Processing media-specific event for [plugin-container.exe!ws!]
Error: (06/30/2016 06:56:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module
mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
Processing media-specific event for [plugin-container.exe!ws!]
Error: (03/10/2016 01:58:30 AM) (Source: MsiInstaller) (EventID: 11706) (User: FLOYD)
Description: Product: Microsoft Office XP Professional with FrontPage -- Error 1706. Setup cannot
find the required files. Check your connection to the network, or CD-ROM drive. For other potential
solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.
Error: (03/10/2016 01:58:18 AM) (Source: MsiInstaller) (EventID: 11706) (User: FLOYD)
Description: Product: Microsoft Office XP Professional with FrontPage -- Error 1706. Setup cannot
find the required files. Check your connection to the network, or CD-ROM drive. For other potential
solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.
Error: (02/23/2016 07:51:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 2.3.125.0, faulting module mbamcore.dll, version
1.3.24.0, fault address 0x000ee697.
Processing media-specific event for [mbam.exe!ws!]
System errors:
=============
Error: (12/03/2016 09:01:44 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.1.4 for the Network Card with network address 6CF0495DADFF
has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
Error: (12/03/2016 09:15:42 AM) (Source: Dhcp) (EventID: 1000) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.4 on the
Network Card with network address 6CF0495DADFF.
Error: (12/01/2016 01:37:40 PM) (Source: DCOM) (EventID: 10000) (User: FLOYD)
Description: Unable to start a DCOM Server: {E0B8F398-BB08-4298-87F0-34502693902E}.
The error:
"%%2 = The system cannot find the file specified."
Happened while starting this command:
C:\Program Files\Messenger\msmsgs.exe -Embedding
Error: (12/01/2016 07:26:24 AM) (Source: System Error) (EventID: 1003) (User: )
Description: Error code 00000024, parameter1 001902fe, parameter2 b289e2a8, parameter3 b289dfa4,
parameter4 8054bfcb.
Error: (12/01/2016 07:23:12 AM) (Source: 0) (EventID: 1) (User: )
Description: Event-ID 1
Error: (11/30/2016 11:43:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
Error: (11/19/2016 11:43:46 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to
start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (11/19/2016 11:38:25 AM) (Source: DCOM) (EventID: 10005) (User: FLOYD)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to
start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error: (11/19/2016 11:38:20 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to
start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (11/19/2016 11:36:34 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
aswRdr
aswRvrt
aswSnx
aswSP
aswVmm
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip
WS2IFSL
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz
Percentage of memory in use: 41%
Total physical RAM: 3070.42 MB
Available physical RAM: 1787.27 MB
Total Virtual: 4709.58 MB
Available Virtual: 3474.72 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.79 GB) (Free:37.01 GB) NTFS ==>[drive with boot components (Windows
XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: 18C15174)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================