Jump to content

tqh

Honorary Members
  • Posts

    156
  • Joined

  • Last visited

Posts posted by tqh

  1. I preface this by stating that I would never believe this could happen if someone else told me it happened.

    I have a laptop running Windows 10.  Everyone knows how this OS forces you to do things you may otherwise want to wait to do later.  The anniversary 1607 upgrade was set to run.  I didn't realize this was akin to installing the OS, but this is irrelevant now.  I quickly went and saved a number of files I had open and a notepad file had not been saved, so I quickly "saved as".  So, once this upgrade and a ton of other updates completed, I went back to open a number of notepad files.  The one that I saved last (the save as) did not have the content it had when I saved it.  In fact, and this is the unbelievable part, it contained a draft of a thank you note I wrote a year ago.  I didn't even have the computer w/ Windows 10 back then.  I wrote it on another one of my laptops (let's call it W7), saved it, and NEVER opened it again.  Nor did I ever email it as an attachment, put it on a flash, or otherwise transfer it.  It was a hand-written thank you note.

    I have two theories that are equally absurd.  The first I believe a little more than the second.  I think when I "saved as" on the W10 machine, I named it the same as the year-old note I created on the W7 machine.  Somehow the two computers "communicated" and the original file from W7 replaced the newer W10 file.  The other theory is that I didn't save it as that name, but somehow the W10 machine "communicated" w/ the W7 machine and imported it.  These are really, really ridiculous ideas, but the bottom line is that the content from the W7 machine was NEVER on the W10 machine.  How could it possibly get there?  Anytime I see something about allowing my computer to share with others, I disable it, but perhaps the W10 machine communicated with it.

    Any insight would be great.  I am considering rolling back the version and hoping something even more ridiculous might happen.

    TIA

  2. It ran a long and short test by default.  What do you think happened?  Is it possible to plug this hard drive into a newer or older machine to recover the data?  I have most of the stuff on there backed up.  I actually can't think of anything on there that I don't have on another device, but want to make sure.  I also don't have an XP disc.  This computer is pretty old.

    Thanks

  3. Was able to successfully run memtest86+.  Showed no errors, but only ran it once. Ran the hard drive test and found no errors as well.  Had trouble finding the right one, but was able to get the boot cd running and found no errors.  Since I can't run anything in windows, should I run any other tests?

    Let me say this, the only way I get the BSOD is if I run windows recovery console.  Otherwise, it just keeps cycling as if it is going to boot properly, but never does.

    I appreciate the help.

    EDIT: Just noticed that the log states, not able to get smart data.  Before that it states, smart is supported but is disabled.

  4. Hello MB Forum,

    I recently hit my power supply on/off switch (accidentally) on my machine running Windows XP.  When I tried to reboot, I encountered a screen I have never seen before.  It was similar to the screen encountered when booting in safe mode, but this one included "return to previous configuration" or something like that.  I am using another computer to post and don't want to try and reboot the problematic machine.  It kept cycling back and forth between this screen and the regular boot process.  Finally, I got a BSOD and then decided I might want to stop and post on this forum.  Is there something I can do to get a proper boot?  I tried hitting F8 and running in safe mode - that didn't work.  Nothing works.  Please advise.

    Thanks in advance!

  5. Yes, it appears to be quite stable.  No crashes since the post I last mentioned them.  Thanks for that.  I wish I understood what you did, but I guess there is no need.  Did you just disable that daemon "file/exe" from starting at startup?  So, I could manually start it up if I needed to in the future.

    Thanks for all your patience and help!

    Edit - right after I posted this FF crashed.  So buggy.  I was typing a response in gmail if that helps.  Only had one tab opened.  Crashes seem more likely when a lot of tabs are open.

  6. That made a noticeable difference just on startup.  Previously, it might take a minute to open FF after logging on.

    Here is the requested log:

    Fix result of Farbar Recovery Scan Tool (x86) Version: 05-12-2016
    Ran by poi (05-12-2016 17:20:09) Run:1
    Running from C:\Documents and Settings\poi\Desktop
    Loaded Profiles: poi & UpdatusUser (Available Profiles: az & poi & ewq & UpdatusUser & Administrator)
    Boot Mode: Normal

    ==============================================

    fixlist content:
    *****************
    Start
    CreateRestorePoint:
    CloseProcesses:
    HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [716272 2008-08-15] () [File not signed]
    C:\WINDOWS\System32\Drivers\sptd.sys
    S3 catchme; \??\C:\DOCUME~1\poi\LOCALS~1\Temp\catchme.sys [X]
    S3 gdrv; \??\C:\WINDOWS\gdrv.sys [X]
    S3 hSONYPVh; \??\C:\DOCUME~1\poi\LOCALS~1\Temp\hSONYPVh.sys [X]
    S4 IntelIde; no ImagePath
    Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe <==== ATTENTION
    EmptyTemp:
    end

     

    *****************

    Restore point was successfully created.
    Processes closed successfully.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvCplDaemon => value removed successfully.
    sptd => Unable to stop service.
    sptd => service could not remove
    C:\WINDOWS\System32\Drivers\sptd.sys => moved successfully
    catchme => service removed successfully.
    gdrv => service removed successfully.
    hSONYPVh => service removed successfully.
    IntelIde => service removed successfully.
    C:\WINDOWS\Tasks\WGASetup.job => moved successfully

    =========== EmptyTemp: ==========

    BITS transfer queue => 9723 B
    DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 94657 B
    Java, Flash, Steam htmlcache => 148905015 B
    Windows/system/dllcache/drivers => 4479707 B
    Edge => 0 B
    Chrome => 0 B
    Firefox => 183065701 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Documents and Settings => 0 B
    Default User => 16677 B
    All Users => 0 B
    systemprofile => 115778 B
    LocalService => 840 B
    NetworkService => 66164 B
    az => 255065 B
    poi => 319359642 B
    ewq => 213435 B
    UpdatusUser => 16677 B
    UpdatusUser => 0 B
    Administrator => 33061 B

    RecycleBin => 3426616 B
    EmptyTemp: => 629.5 MB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 17:21:03 ====

     

     

     

     

     

  7. Sorry, couldn't get around to working on this yesterday.  I went ahead and "cleaned" with ESET; no apology necessary, but thanks.  Not sure what you mean regarding NvCplDaemon and adjusting the video card.  I have to use the NVIDIA control panel to fit the screen to my television.  I actually have problems getting games to fit the screen still.  It cuts things off on the sides and top/bottom.  But that may not have anything to do with Daemon. 

    Here are the FRST and addition logs:

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-12-2016
    Ran by poi (administrator) on FLOYD (05-12-2016 13:51:55)
    Running from C:\Documents and Settings\poi\Desktop
    Loaded Profiles: poi & UpdatusUser (Available Profiles: az & poi & ewq & UpdatusUser & Administrator)
    Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
    Internet Explorer Version 8 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
    () C:\Program Files\USB TV\EM28XX\BDARemote.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

    ==================== Registry (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17887232 2009-06-25] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
    HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
    HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1632360 2011-07-05] ()
    HKLM\...\Policies\Explorer: [NoComputersNearMe] 0
    HKU\S-1-5-21-1123561945-2111687655-725345543-1008\...\Run: [Zoom] => 0
    HKU\S-1-5-21-1123561945-2111687655-725345543-1008\...\Policies\Explorer: [NoComputersNearMe] 0
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-11-15] (AVAST Software)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2007-09-11]
    ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BDARemote.lnk [2010-05-26]
    ShortcutTarget: BDARemote.lnk -> C:\Program Files\USB TV\EM28XX\BDARemote.exe ()
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk [2007-09-11]
    ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
    GroupPolicy: Restriction ? <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{A9B57C27-3A8D-4410-BF03-21FBC3F1992C}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-1123561945-2111687655-725345543-1008\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-1123561945-2111687655-725345543-1008\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    URLSearchHook: [S-1-5-21-1123561945-2111687655-725345543-1089] ATTENTION => Default URLSearchHook is missing
    SearchScopes: HKLM -> DefaultScope value is missing
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-15] (AVAST Software)
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1269795619093
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
    Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-13] (Microsoft Corporation)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)

    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default [2016-12-05]
    FF DefaultSearchEngine: C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default -> Google
    FF DefaultSearchEngine.US: C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default -> Google
    FF Homepage: C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default -> about:blank
    FF Extension: (Classic Theme Restorer) - C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-11-30]
    FF Extension: (Blur) - C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default\Extensions\donottrackplus@abine.com.xpi [2016-12-01]
    FF Extension: (Adblock Plus) - C:\Documents and Settings\poi\Application Data\Mozilla\Firefox\Profiles\wxaz6z55.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-30]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-01-14] [not signed]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-15]
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-16] ()
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-1123561945-2111687655-725345543-1008: @zoom.us/ZoomVideoPlugin -> C:\Documents and Settings\poi\Application Data\Zoom\bin\npzoomplugin.dll [2016-11-09] (Zoom Video Communications, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [270016 2016-11-16] (Adobe Systems Incorporated) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-11-15] (AVAST Software)
    S4 Belkin Wireless USB Network Adapter Service; C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe [49152 2004-03-29] () [File not signed]
    R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
    R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2255464 2011-08-03] (NVIDIA Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [20747 2007-09-11] (Meetinghouse Data Communications) [File not signed]
    S3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4017536 2006-08-18] (Realtek Semiconductor Corp.)
    S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2009-06-25] (Creative)
    S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34008 2016-11-15] (AVAST Software)
    R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [92256 2016-11-15] (AVAST Software)
    R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2016-11-15] (AVAST Software)
    R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [60424 2016-11-15] (AVAST Software)
    R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [735488 2016-11-15] (AVAST Software)
    R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433768 2016-11-15] (AVAST Software)
    R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [184592 2016-11-15] (AVAST Software)
    S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [66688 2016-11-15] (AVAST Software)
    R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224752 2016-11-15] (AVAST Software)
    S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2009-09-30] (Avanquest Software) [File not signed]
    S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
    R2 CDRPDACC; C:\Program Files\321Studios\Shared\CDRPDACC.SYS [4633 2002-07-25] (Arrowkey) [File not signed]
    S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
    R2 HPFECP13; C:\WINDOWS\System32\drivers\HPFECP13.SYS [52800 1998-09-25] () [File not signed]
    S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51056 2003-05-14] (HP)
    S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2003-05-14] (HP)
    S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21488 2003-05-14] (HP)
    R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [44032 2009-07-27] (Atheros Communications, Inc.)
    S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2009-06-25] (Creative Technology Ltd.)
    S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
    R3 NTIDrvr; C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys [6912 2007-09-11] (NewTech Infosystems, Inc.) [File not signed]
    S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
    R0 nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [54656 2003-06-18] (NVIDIA Corporation) [File not signed]
    S3 NVENET; C:\WINDOWS\System32\DRIVERS\NVENET.sys [97280 2003-05-27] (NVIDIA Corporation) [File not signed]
    R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [123840 2012-04-18] (NVIDIA Corporation)
    R0 nv_agp; C:\WINDOWS\System32\DRIVERS\nv_agp.sys [21120 2003-05-27] (NVIDIA Corporation) [File not signed]
    R3 Pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [33376 2007-09-11] (VSO Software) [File not signed]
    R3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [21248 2003-09-19] (Padus, Inc.) [File not signed]
    S3 RT73; C:\WINDOWS\System32\DRIVERS\rt73.sys [232192 2005-08-02] (Ralink Technology, Corp.) [File not signed]
    S3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation                           )
    S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra 2002 Professional\sandra.sys [9600 2001-10-30] (SiSoftware) [File not signed]
    R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [716272 2008-08-15] () [File not signed]
    S3 xbreader; C:\WINDOWS\System32\Drivers\xbreader.sys [19677 2001-01-02] (Thesycon GmbH, Germany) [File not signed]
    S3 catchme; \??\C:\DOCUME~1\poi\LOCALS~1\Temp\catchme.sys [X]
    S3 gdrv; \??\C:\WINDOWS\gdrv.sys [X]
    S3 hSONYPVh; \??\C:\DOCUME~1\poi\LOCALS~1\Temp\hSONYPVh.sys [X]
    S4 IntelIde; no ImagePath
    U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-12-05 13:51 - 2016-12-05 13:52 - 00013691 _____ C:\Documents and Settings\poi\Desktop\FRST.txt
    2016-12-05 13:51 - 2016-12-05 13:51 - 01761792 _____ (Farbar) C:\Documents and Settings\poi\Desktop\FRST.exe
    2016-12-05 13:37 - 2016-12-05 13:37 - 00000000 ____D C:\Documents and Settings\poi\Desktop\FRST-OlderVersion
    2016-12-03 16:19 - 2016-12-03 16:24 - 00000913 _____ C:\Documents and Settings\poi\Desktop\SALog.txt
    2016-12-03 14:20 - 2016-12-03 14:20 - 00000500 _____ C:\Documents and Settings\poi\Desktop\eset log.txt
    2016-12-03 12:26 - 2016-12-03 12:26 - 00000000 ____D C:\Documents and Settings\poi\Local Settings\Application Data\ESET
    2016-12-03 12:25 - 2016-12-03 12:25 - 06761600 _____ (ESET spol. s r.o.) C:\Documents and Settings\poi\Desktop\esetonlinescanner_enu.exe
    2016-12-01 07:22 - 2016-12-01 07:22 - 00106496 _____ C:\WINDOWS\Minidump\Mini120116-01.dmp
    2016-11-30 12:57 - 2016-12-03 12:28 - 00001386 _____ C:\Documents and Settings\poi\Desktop\notes on dt.txt
    2016-11-19 10:42 - 2016-11-19 10:42 - 00000178 ___SH C:\Documents and Settings\UpdatusUser\ntuser.ini
    2016-11-19 10:42 - 2016-11-19 10:42 - 00000000 ____D C:\Documents and Settings\UpdatusUser
    2016-11-19 10:42 - 2013-09-06 14:46 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\temp
    2016-11-19 10:42 - 2010-10-22 00:57 - 00000000 __SHD C:\Documents and Settings\UpdatusUser\IETldCache
    2016-11-19 10:42 - 2008-07-30 22:56 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Application Data\Macromedia
    2016-11-19 10:42 - 2007-09-11 09:42 - 00001609 _____ C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Remote Assistance.lnk
    2016-11-19 10:42 - 2007-09-11 09:42 - 00000802 _____ C:\Documents and Settings\UpdatusUser\Start Menu\Programs\Windows Media Player.lnk
    2016-11-19 10:42 - 2007-09-11 04:34 - 00000000 ____D C:\Documents and Settings\UpdatusUser\My Documents
    2016-11-19 10:41 - 2011-08-03 05:49 - 00600680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\easyupdatusapiu.dll
    2016-11-19 10:16 - 2016-11-19 10:18 - 220236624 _____ (NVIDIA Corporation) C:\Documents and Settings\poi\Desktop\361.43-desktop-winxp-32bit-international.exe
    2016-11-19 10:06 - 2016-03-19 14:42 - 06253721 _____ C:\WINDOWS\system32\nvcoproc.bin
    2016-11-19 10:05 - 2012-05-15 04:18 - 17543168 _____ (NVIDIA Corporation) C:\Documents and Settings\poi\Desktop\nvcompiler.dll
    2016-11-19 09:35 - 2016-03-21 21:44 - 17531392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2016-11-19 09:35 - 2016-03-21 21:44 - 01068600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3236472.dll
    2016-11-19 09:35 - 2016-03-21 21:44 - 00925752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3236472.dll
    2016-11-19 09:32 - 2016-11-19 09:33 - 214523288 _____ (NVIDIA Corporation) C:\Documents and Settings\poi\Desktop\364.72-desktop-winxp-32bit-international.exe
    2016-11-17 11:00 - 2016-11-17 11:00 - 00000000 ____D C:\Documents and Settings\poi\Start Menu\Programs\Zoom
    2016-11-16 17:34 - 2016-11-16 17:34 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
    2016-11-16 17:18 - 2016-11-16 17:20 - 219985952 _____ (NVIDIA Corporation) C:\Documents and Settings\poi\Desktop\368.81-desktop-winxp-32bit-international.exe
    2016-11-15 18:42 - 2016-11-15 18:42 - 00000000 ____D C:\Documents and Settings\poi\Application Data\AVAST Software
    2016-11-15 18:41 - 2016-11-15 18:41 - 00001689 _____ C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
    2016-11-15 18:41 - 2016-11-15 18:41 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
    2016-11-15 18:40 - 2016-12-05 11:39 - 00000310 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
    2016-11-15 18:40 - 2016-11-15 18:40 - 00735488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
    2016-11-15 18:40 - 2016-11-15 18:40 - 00433768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
    2016-11-15 18:40 - 2016-11-15 18:40 - 00224752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
    2016-11-15 18:40 - 2016-11-15 18:40 - 00184592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
    2016-11-15 18:40 - 2016-11-15 18:40 - 00092256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
    2016-11-15 18:40 - 2016-11-15 18:40 - 00066688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
    2016-11-15 18:40 - 2016-11-15 18:40 - 00064272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
    2016-11-15 18:40 - 2016-11-15 18:40 - 00060424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2016-11-15 18:40 - 2016-11-15 18:40 - 00034008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
    2016-11-15 18:40 - 2016-11-15 18:39 - 00319760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2016-11-15 18:39 - 2016-11-15 18:39 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
    2016-11-15 18:39 - 2016-11-15 18:39 - 00000000 ____D C:\Program Files\AVAST Software
    2016-11-15 18:36 - 2016-11-15 18:38 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
    2016-11-15 18:30 - 2016-11-15 18:30 - 00000000 ____D C:\Documents and Settings\poi\SafeZone Installer
    2016-11-15 18:03 - 2016-11-15 18:03 - 00106496 _____ C:\WINDOWS\Minidump\Mini111516-01.dmp
    2016-11-15 17:59 - 2016-11-15 17:59 - 00000000 ____D C:\6b02c2329c9154449815253b
    2016-11-15 16:52 - 2016-11-19 10:36 - 00000470 _____ C:\WINDOWS\system32\nvAppTimestamps
    2016-11-15 15:16 - 2016-11-15 15:16 - 07344400 _____ (AVAST Software) C:\Documents and Settings\poi\Desktop\avastclear.exe
    2016-11-15 15:11 - 2016-11-15 18:37 - 06334648 _____ (AVAST Software) C:\Documents and Settings\poi\Desktop\avast_free_antivirus_setup_online.exe
    2016-11-15 14:10 - 2016-12-03 12:23 - 00749796 _____ C:\Documents and Settings\poi\Desktop\Minidump.zip
    2016-11-15 14:02 - 2016-11-15 14:02 - 00009112 _____ C:\VEW.txt
    2016-11-15 13:54 - 2016-11-15 13:54 - 00061440 _____ ( ) C:\Documents and Settings\poi\Desktop\VEW.exe
    2016-11-14 16:06 - 2016-11-14 16:06 - 00001116 _____ C:\Documents and Settings\poi\Desktop\MBAM lob 11-14-16b.txt
    2016-11-14 16:04 - 2016-11-14 16:04 - 00001116 _____ C:\Documents and Settings\poi\Desktop\MBAM log 11-14-16a.txt
    2016-11-14 10:35 - 2016-12-05 13:51 - 00000000 ____D C:\FRST
    2016-11-14 10:29 - 2016-11-14 14:50 - 00001115 _____ C:\Documents and Settings\poi\Desktop\mbam log 11-14-16.txt
    2016-11-14 09:43 - 2016-11-14 09:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2016-11-10 22:53 - 2016-11-10 22:53 - 00000005 _____ C:\Documents and Settings\poi\Desktop\nw22560.txt
    2016-11-10 11:02 - 2016-11-11 16:17 - 01073664 _____ C:\Documents and Settings\poi\Desktop\B714F600
    2016-11-10 11:02 - 2016-11-10 13:16 - 01073664 _____ C:\Documents and Settings\poi\Desktop\2016.10.31.xls
    2016-11-10 10:58 - 2016-11-10 10:58 - 00014336 _____ C:\Documents and Settings\poi\My Documents\Book1 (version 1).xls
    2016-11-10 10:57 - 2016-11-10 10:57 - 00847102 _____ C:\Documents and Settings\poi\Desktop\2016.10.31.Tables.xlsx
    2016-11-10 10:08 - 2016-11-17 10:59 - 17764880 _____ (Microsoft Corporation) C:\Documents and Settings\poi\Desktop\ZoomInstallerXP.exe
    2016-11-09 01:08 - 2016-11-09 01:08 - 00106496 _____ C:\WINDOWS\Minidump\Mini110916-01.dmp

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-12-05 13:52 - 2013-09-06 14:46 - 00000000 ____D C:\Documents and Settings\poi\Local Settings\temp
    2016-12-05 13:15 - 2014-10-07 10:28 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-12-05 12:18 - 2014-04-22 21:07 - 00000260 _____ C:\WINDOWS\Tasks\WGASetup.job
    2016-12-05 12:18 - 2014-04-02 00:28 - 00000218 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
    2016-12-05 11:39 - 2007-09-11 09:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-12-05 11:39 - 2001-08-23 06:00 - 00002262 _____ C:\WINDOWS\system32\wpa.dbl
    2016-12-04 04:34 - 2010-03-12 00:46 - 00000278 ___SH C:\Documents and Settings\poi\ntuser.ini
    2016-12-04 04:34 - 2010-03-12 00:46 - 00000000 ____D C:\Documents and Settings\poi
    2016-12-04 04:34 - 2007-09-11 09:53 - 00032576 _____ C:\WINDOWS\SchedLgU.Txt
    2016-12-03 16:36 - 2010-03-12 00:46 - 00000000 ___RD C:\Documents and Settings\poi\My Documents
    2016-12-03 14:35 - 2007-09-11 10:43 - 00002489 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
    2016-12-01 07:22 - 2011-04-05 14:43 - 00000000 ____D C:\WINDOWS\Minidump
    2016-11-30 14:00 - 2012-04-17 00:43 - 00000000 ____D C:\Documents and Settings\poi\Start Menu\Programs\Steam
    2016-11-30 13:06 - 2012-04-17 00:12 - 00000000 ____D C:\Program Files\Steam
    2016-11-30 12:14 - 2012-07-09 07:57 - 00280388 _____ C:\WINDOWS\system32\nvdrsdb0.bin
    2016-11-30 12:14 - 2012-07-09 07:57 - 00000001 _____ C:\WINDOWS\system32\nvdrssel.bin
    2016-11-19 11:38 - 2009-07-23 07:07 - 00776228 _____ C:\WINDOWS\ntbtlog.txt
    2016-11-19 10:42 - 2012-07-09 07:58 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\NVIDIA
    2016-11-19 10:42 - 2012-07-09 07:57 - 00280388 _____ C:\WINDOWS\system32\nvdrsdb1.bin
    2016-11-19 10:42 - 2012-07-09 07:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2016-11-19 10:42 - 2007-09-11 04:33 - 00000000 ____D C:\Documents and Settings
    2016-11-19 10:42 - 2007-09-11 04:30 - 00000000 ___HD C:\WINDOWS\inf
    2016-11-19 10:42 - 2007-09-11 04:30 - 00000000 ____D C:\WINDOWS\Help
    2016-11-19 10:41 - 2007-09-11 04:30 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
    2016-11-19 10:07 - 2007-09-11 15:29 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
    2016-11-19 10:05 - 2010-05-27 02:05 - 00000000 ____D C:\Temp
    2016-11-19 09:28 - 2007-09-11 04:34 - 00589028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-11-17 11:00 - 2016-07-22 08:25 - 00000000 ____D C:\Documents and Settings\poi\Application Data\Zoom
    2016-11-17 10:59 - 2016-10-28 14:04 - 00133768 _____ (Zoom Video Communications, Inc.) C:\Documents and Settings\poi\Desktop\Zoom_launcher.exe
    2016-11-16 16:58 - 2012-04-10 16:12 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
    2016-11-16 16:58 - 2011-08-16 19:18 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
    2016-11-16 16:57 - 2016-02-20 02:41 - 00000000 ____D C:\Documents and Settings\poi\Desktop\New Folder
    2016-11-16 16:57 - 2007-09-11 09:41 - 00000000 ____D C:\WINDOWS\system32\Macromed
    2016-11-15 18:00 - 2011-04-04 22:42 - 00000000 ____D C:\Documents and Settings\ewq
    2016-11-15 18:00 - 2009-07-23 07:12 - 00000000 ____D C:\Documents and Settings\Administrator
    2016-11-15 18:00 - 2007-09-11 09:54 - 00000000 ____D C:\Documents and Settings\az
    2016-11-15 18:00 - 2007-09-11 09:53 - 00000000 __SHD C:\Documents and Settings\NetworkService
    2016-11-15 18:00 - 2007-09-11 09:53 - 00000000 __SHD C:\Documents and Settings\LocalService
    2016-11-15 18:00 - 2007-09-11 09:39 - 00000000 ____D C:\WINDOWS\Registration
    2016-11-15 13:44 - 2016-08-22 10:01 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-11-14 09:44 - 2012-05-03 14:29 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2016-11-14 09:35 - 2013-09-06 14:46 - 00000000 ____D C:\Documents and Settings\az\Local Settings\temp
    2016-11-14 09:35 - 2013-09-06 14:46 - 00000000 ____D C:\Documents and Settings\ewq\Local Settings\temp
    2016-11-10 10:58 - 2007-09-11 10:43 - 00002487 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Excel.lnk
    2016-11-08 23:43 - 2014-04-02 00:28 - 00000212 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
    2016-11-08 09:02 - 2016-06-30 16:45 - 00000000 ____D C:\Documents and Settings\poi\My Documents\SPH Climate
    2016-11-08 07:48 - 2009-02-19 12:47 - 00000000 ____D C:\Program Files\HLM7Student
    2016-11-08 07:48 - 2009-02-19 12:47 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SSI, Inc
    2016-11-07 15:40 - 2011-04-04 22:42 - 00000278 ___SH C:\Documents and Settings\ewq\ntuser.ini
    2016-11-07 12:16 - 2010-03-13 04:27 - 00000000 ____D C:\Documents and Settings\poi\Application Data\vlc
    2016-11-05 14:56 - 2016-11-03 10:31 - 00000000 ____D C:\Documents and Settings\poi\Desktop\Audio

    ==================== Files in the root of some directories =======

    2010-03-12 05:46 - 2012-08-21 10:27 - 0247808 _____ () C:\Documents and Settings\poi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2008-06-22 17:42 - 2008-08-14 01:12 - 0003276 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    ==================== End of FRST.txt ============================

    Addtion:

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-12-2016
    Ran by poi (05-12-2016 13:52:24)
    Running from C:\Documents and Settings\poi\Desktop
    Microsoft Windows XP Professional Service Pack 3 (X86) (2007-09-11 15:44:00)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1123561945-2111687655-725345543-500 - Administrator - Enabled) =>

    %SystemDrive%\Documents and Settings\Administrator
    ASPNET (S-1-5-21-1123561945-2111687655-725345543-1088 - Limited - Enabled)
    ewq (S-1-5-21-1123561945-2111687655-725345543-1010 - Administrator - Enabled) =>

    %SystemDrive%\Documents and Settings\ewq
    Guest (S-1-5-21-1123561945-2111687655-725345543-501 - Limited - Disabled)
    HelpAssistant (S-1-5-21-1123561945-2111687655-725345543-1000 - Limited - Disabled)
    az (S-1-5-21-1123561945-2111687655-725345543-1003 - Administrator - Enabled) =>

    %SystemDrive%\Documents and Settings\az
    poi (S-1-5-21-1123561945-2111687655-725345543-1008 - Administrator - Enabled) =>

    %SystemDrive%\Documents and Settings\poi
    SUPPORT_388945a0 (S-1-5-21-1123561945-2111687655-725345543-1002 - Limited - Disabled)
    UpdatusUser (S-1-5-21-1123561945-2111687655-725345543-1089 - Limited - Enabled) =>

    %SystemDrive%\Documents and Settings\UpdatusUser

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avast Antivirus (Enabled - Up to date) {7591db91-41f0-48a3-b128-1a293fd8233d}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The

    adware programs should be uninstalled manually.)

    Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377

    - Adobe Systems Incorporated)
    Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
    Action Replay XBOX 1.31 (HKLM\...\Action Replay XBOX_is1) (Version:  - Datel Design and Development)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
    Adobe Flash Player 23 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 23.0.0.205 - Adobe

    Systems Incorporated)
    Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems

    Incorporated)
    Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
    Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 -

    Adobe Systems Incorporated)
    Alarm Clock v1.0 (HKLM\...\Alarm Clock_is1) (Version:  - Moore Design Lmt.)
    ATI AVIVO Codecs (HKLM\...\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}) (Version: 10.0.0.40103 - ATI

    Technologies Inc.)
    Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
    Belkin 54g USB Network Adapter (HKLM\...\{38DFF723-C0B1-44AB-A927-62EDB033908F}) (Version:  - )
    Command & Conquer Red Alert 2 (HKLM\...\Red Alert 2) (Version:  - )
    Command & Conquer Tiberian Sun (HKLM\...\Tiberian Sun) (Version:  - )
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE})

    (Version: 12.0.6514.5001 - Microsoft Corporation)
    CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version:  3.1 - Acro Software Inc.)
    Deus Ex - Invisible War (HKLM\...\{47BE1E5F-8978-484B-BE86-B616C00EA75A}) (Version: 1.00.0000 - )
    Deus Ex (HKLM\...\Deus Ex) (Version:  - )
    Deus Ex: Game of the Year Edition (HKLM\...\Steam App 6910) (Version:  - Ion Storm)
    Deus Ex: Human Revolution - The Missing Link (HKLM\...\Steam App 201280) (Version:  - Eidos

    Montreal)
    Deus Ex: Human Revolution (HKLM\...\Steam App 28050) (Version:  - Eidos Montreal)
    Deus Ex: Revision (HKLM\...\Steam App 397550) (Version:  - Ion Storm)
    Deus Ex: The Fall (HKLM\...\Steam App 258180) (Version:  - Square Enix)
    DVD Flick (HKLM\...\DVD Flick_is1) (Version: 1.3.0.0 - )
    DVD X Rescue (HKLM\...\DVD X Rescue) (Version: 2.1.0 - 321 Studios) <==== ATTENTION
    DVDXCopy Platinum 3.2.1 (HKLM\...\DVDXCopyPlatinum) (Version:  - )
    ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
    ffdshow [rev 3200] [2010-01-12] (HKLM\...\ffdshow_is1) (Version: 1.0.0.3200 - )
    High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000

    - Microsoft Corporation)
    Hitman: Codename 47 (HKLM\...\Steam App 6900) (Version:  - IO Interactive)
    HLM 7 for Windows (X86 Student) (HKLM\...\{1D85FF63-55A4-4891-8372-CD891FCA4EDE}) (Version: 7.01 -

    SSI, Inc.)
    HP DeskJet 710C Series (Remove only) (HKLM\...\HP DeskJet 710C Series) (Version:  - )
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version:

    2.2.1.1043 - Malwarebytes)
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F})

    (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7})

    (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft

    Corporation)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile)

    (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version:

    4.0.30319 - Microsoft Corporation)
    Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft

    Corporation)
    Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9})

    (Version: 10.0.2627.01 - Microsoft Corporation)
    Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft

    Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d})

    (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c})

    (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

    (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

    (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

    (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Mozilla Firefox 47.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 -

    Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 -

    Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 -

    Microsoft Corporation)
    MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0

    - Microsoft Corporation)
    MyProfessionalBusinessCards (HKLM\...\{D3440743-FCC9-4BFC-B630-4EFC0C1A8D44}) (Version: 4.0.0.0 -

    Elibrium, LLC)
    NTI Backup NOW! 3 (HKLM\...\InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}) (Version: 3.0.53 -

    NewTech Infosystems)
    NTI Backup NOW! 3 (Version: 3.0.53 - NewTech Infosystems) Hidden
    NTI DriveBackup! 3 (HKLM\...\InstallShield_{8FDD2A92-9F75-4706-B8C2-08499A9863E6}) (Version: 3.0 -

    NewTech Infosystems)
    NTI DriveBackup! 3 (Version: 3.0 - NewTech Infosystems) Hidden
    NTI DVD Player (HKLM\...\{D31612BB-C6D7-4142-96AE-16DB062354CF}) (Version:  - ArcSoft)
    NTI DVD-Maker (Version: 6 - NewTech Infosystems) Hidden
    NTI DVD-Maker Gold (HKLM\...\InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}) (Version: 6 -

    NewTech Infosystems)
    NTI HomeVideo-Maker (HKLM\...\{C7C2B282-DC3C-4837-9DFC-9E3D90DB2C44}) (Version:  - )
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
    NVIDIA Graphics Driver 280.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver)

    (Version: 280.26 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver)

    (Version: 1.3.16.0 - NVIDIA Corporation)
    NVIDIA nForce Drivers (HKLM\...\NVIDIA nForce Drivers) (Version:  - )
    NVIDIA nView 135.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.94

    - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.12.0213

    (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA

    Corporation)
    NVIDIA Update 1.4.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version:

    1.4.28 - NVIDIA Corporation)
    Panda USB Vaccine 1.0.1.4 (HKLM\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda

    Security)
    QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.28 - Realtek

    Semiconductor Corp.)
    REALTEK Gigabit and Fast Ethernet NIC Driver (HKLM\...\{94FB906A-CF42-4128-A509-D353026A607E})

    (Version: 1.70 - REALTEK Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:

    5.10.0.5874 - Realtek Semiconductor Corp.)
    Recuva (HKLM\...\Recuva) (Version: 1.47 - Piriform)
    Return to Castle Wolfenstein (HKLM\...\Return to Castle Wolfenstein) (Version: 1.0 - Activision,

    Inc.)
    Revo Uninstaller 1.94 (HKLM\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
    SafeZone Stable 1.48.2066.98 (Version: 1.48.2066.98 - Avast Software) Hidden
    SiSoftware Sandra 2002 Professional (HKLM\...\san_pro_2002) (Version:  - )
    Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
    USB Video Driver (HKLM\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 1.00 - EETI)
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    WebFldrs XP (Version: 9.50.5318 - Microsoft Corporation) Hidden
    Westwood Shared Internet Components (HKLM\...\WOLAPI) (Version:  - )
    WinASO Registry Optimizer 3.2 (HKLM\...\WinASO Registry Optimizer 3.2_is1) (Version:  - X.M.Y

    International LLC)
    Windows Driver Package - Advanced Micro Devices, Inc. (USB28xxBGA) Media  (08/31/2007 5.7.0831.0)

    (HKLM\...\9722CA1E8F72F362E93CBEC75A707FDABFC8D880) (Version: 08/31/2007 5.7.0831.0 - Advanced Micro

    Devices, Inc.)
    Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA  (08/31/2007 5.7.0831.0)

    (HKLM\...\69083DC58646DE46A09847A522A1CC487F918039) (Version: 08/31/2007 5.7.0831.0 - eMPIA

    Technology Inc,)
    Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft

    Corporation)
    Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft

    Corporation)
    Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
    Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
    Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft

    Corporation)
    WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )
    Zoom (HKU\S-1-5-21-1123561945-2111687655-725345543-1008\...\ZoomUMX) (Version: 3.5 - Zoom Video

    Communications, Inc.)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be

    moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is

    running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>

    C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST

    Software\Avast\AvastEmUpdate.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job =>

    C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job =>

    C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1459987643.job => C:\Program Files\AVAST

    Software\SZBrowser\launcher.exe
    Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe <==== ATTENTION

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Deus Ex\Deus Ex Web Page.lnk ->

    hxxp://www.deusex.com/
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Deus Ex\Eidos Games Web Page.lnk

    -> hxxp://www.eidosgames.com/
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Deus Ex\Eidos Interactive Store

    Web Page.lnk -> hxxp://www.eidosstore.com/
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Deus Ex\Eidos Interactive Web

    Page.lnk -> hxxp://www.eidos.com/
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Deus Ex\Ion Storm Web Page.lnk ->

    hxxp://www.ionstorm.com/
    Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Deus Ex\Planet Deus Ex Web

    Page.lnk -> hxxp://www.planetdeusex.com/

    ==================== Loaded Modules (Whitelisted) ==============

    2016-11-15 18:39 - 2016-11-15 18:39 - 00169064 _____ () C:\Program Files\AVAST

    Software\Avast\JsonRpcServer.dll
    2016-12-05 11:41 - 2016-12-05 11:41 - 03066880 _____ () C:\Program Files\AVAST

    Software\Avast\defs\16120500\algo.dll
    2016-11-15 18:39 - 2016-11-15 18:39 - 00482928 _____ () C:\Program Files\AVAST

    Software\Avast\ffl2.dll
    2016-08-03 21:49 - 2016-01-22 15:56 - 00089008 _____ () C:\WINDOWS\system32\cpwmon2k.dll
    1998-09-25 02:56 - 1998-09-25 02:56 - 00048292 _____ () C:\WINDOWS\system32\HPFlpm13.dll
    1998-09-25 02:56 - 1998-09-25 02:56 - 00072368 _____ () C:\WINDOWS\system32\HPFCOM13.DLL
    1998-09-25 02:56 - 1998-09-25 02:56 - 00033384 _____ () C:\WINDOWS\system32\HPFIOP13.DLL
    1998-09-25 02:56 - 1998-09-25 02:56 - 00137232 _____ () C:\WINDOWS\system32\HPFMLC13.dll
    1998-09-25 02:56 - 1998-09-25 02:56 - 00057240 _____ () C:\WINDOWS\system32\HPFMEM13.dll
    2008-06-22 20:30 - 2016-09-20 00:22 - 00043520 _____ () C:\WINDOWS\system32\CmdLineExt03.dll
    2012-07-09 07:58 - 2011-07-05 10:08 - 00355432 _____ () C:\Program Files\NVIDIA

    Corporation\nView\nvshell.dll
    2016-11-15 18:39 - 2016-11-15 18:39 - 48936448 _____ () C:\Program Files\AVAST

    Software\Avast\libcef.dll
    2010-05-26 14:20 - 2007-06-26 12:22 - 00081997 _____ () C:\Program Files\USB TV\EM28XX\BDARemote.exe
    2008-08-13 23:09 - 2008-04-13 18:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
    2008-08-13 23:09 - 2013-01-02 00:49 - 01292288 _____ () C:\WINDOWS\System32\quartz.dll
    2016-11-16 16:58 - 2016-11-16 16:58 - 19640512 _____ ()

    C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell"

    value will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
    IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com

    There are 5505 more sites.

    IE restricted site: HKU\S-1-5-19\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-19\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-19\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-19\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-19\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-19\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-19\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-19\...\1-extreme.biz -> www.1-extreme.biz
    IE restricted site: HKU\S-1-5-19\...\1001-search.info -> www.1001-search.info
    IE restricted site: HKU\S-1-5-19\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-19\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-19\...\123topsearch.com -> www.123topsearch.com
    IE restricted site: HKU\S-1-5-19\...\132.com -> www.132.com
    IE restricted site: HKU\S-1-5-19\...\136136.net -> down.136136.net
    IE restricted site: HKU\S-1-5-19\...\139mm.com -> www.139mm.com
    IE restricted site: HKU\S-1-5-19\...\163ns.com -> ert0003.e76.163ns.com
    IE restricted site: HKU\S-1-5-19\...\17-plus.com -> 17-plus.com
    IE restricted site: HKU\S-1-5-19\...\171203.com -> 171203.com
    IE restricted site: HKU\S-1-5-19\...\1800searchonline.com -> www.1800searchonline.com

    There are 4003 more sites.

    IE restricted site: HKU\S-1-5-20\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-20\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-20\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-20\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-20\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-20\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-20\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-20\...\1-extreme.biz -> www.1-extreme.biz
    IE restricted site: HKU\S-1-5-20\...\1001-search.info -> www.1001-search.info
    IE restricted site: HKU\S-1-5-20\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-20\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-20\...\123topsearch.com -> www.123topsearch.com
    IE restricted site: HKU\S-1-5-20\...\132.com -> www.132.com
    IE restricted site: HKU\S-1-5-20\...\136136.net -> down.136136.net
    IE restricted site: HKU\S-1-5-20\...\139mm.com -> www.139mm.com
    IE restricted site: HKU\S-1-5-20\...\163ns.com -> ert0003.e76.163ns.com
    IE restricted site: HKU\S-1-5-20\...\17-plus.com -> 17-plus.com
    IE restricted site: HKU\S-1-5-20\...\171203.com -> 171203.com
    IE restricted site: HKU\S-1-5-20\...\1800searchonline.com -> www.1800searchonline.com

    There are 4003 more sites.

    IE trusted site: HKU\S-1-5-21-1123561945-2111687655-725345543-1008\...\adobe.com ->

    hxxp://get.adobe.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2001-08-23 06:00 - 2012-08-09 10:38 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1       localhost

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1123561945-2111687655-725345543-1008\Control Panel\Desktop\\Wallpaper -> C:\Documents

    and Settings\poi\Desktop\Dell 1280x1024.bmp
    HKU\S-1-5-21-1123561945-2111687655-725345543-1089\Control Panel\Desktop\\Wallpaper -> (None)
    DNS Servers: 192.168.1.1
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be

    moved unless listed separately.)

    StandardProfile\AuthorizedApplications: [C:\Program Files\SiSoftware\SiSoftware Sandra 2002

    Professional\sandra.exe] => Disabled:SiSoftware Sandra(tm) Fat Client.
    StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\Steam.exe] => Enabled:Steam
    StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\mmc.exe] => Enabled:Microsoft

    Management Console
    StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\dxhrml\dxhrml.exe]

    => Enabled:Deus Ex: Human Revolution - The Missing Link
    StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\deus ex - human

    revolution\dxhr.exe] => Enabled:Deus Ex: Human Revolution
    StandardProfile\AuthorizedApplications: [C:\DeusEx\System\DeusEx.exe] => Disabled:DeusEx
    StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\Hitman Codename

    47\Hitman.Exe] => Enabled:Hitman: Codename 47
    StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\Hitman Codename

    47\Setup.exe] => Enabled:Hitman: Codename 47
    StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\Deus

    Ex\System\DeusEx.exe] => Enabled:Deus Ex: Game of the Year Edition
    StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\Deus Ex The

    Fall\DeusEx_steam.exe] => Enabled:Deus Ex: The Fall
    StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\bin\steamwebhelper.exe] =>

    Enabled:Steam Web Helper
    StandardProfile\AuthorizedApplications: [C:\Documents and Settings\poi\Application

    Data\Zoom\bin\Zoom.exe] => Enabled:Zoom Meetings
    StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] =>

    Enabled:Firefox (C:\Program Files\Mozilla Firefox)
    StandardProfile\AuthorizedApplications: [C:\Program Files\NVIDIA Corporation\NVIDIA

    Updatus\daemonu.exe] => Enabled:Daemonu.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files\Steam\SteamApps\common\Deus

    Ex\System\Revision.exe] => Enabled:Deus Ex: Revision
    StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
    StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008

    ==================== Restore Points =========================

    11-10-2016 13:09:28 System Checkpoint
    13-10-2016 08:46:06 System Checkpoint
    16-10-2016 02:05:16 System Checkpoint
    18-10-2016 10:43:00 System Checkpoint
    13-10-2016 07:30:01 System Checkpoint
    18-10-2016 19:48:31 System Checkpoint
    20-10-2016 09:36:33 System Checkpoint
    22-10-2016 11:12:00 System Checkpoint
    24-10-2016 11:03:43 System Checkpoint
    24-10-2016 11:29:17 Installed Windows XP Wdf01009.
    25-10-2016 13:04:25 System Checkpoint
    27-10-2016 11:04:36 System Checkpoint
    28-10-2016 17:20:00 System Checkpoint
    30-10-2016 16:44:18 System Checkpoint
    01-11-2016 11:51:16 System Checkpoint
    02-11-2016 23:00:44 System Checkpoint
    05-11-2016 06:06:35 System Checkpoint
    07-11-2016 08:52:40 System Checkpoint
    08-11-2016 09:37:21 System Checkpoint
    10-11-2016 08:58:50 System Checkpoint
    12-11-2016 05:45:55 System Checkpoint
    13-11-2016 06:41:34 System Checkpoint
    14-11-2016 10:20:07 System Checkpoint
    15-11-2016 15:04:12 System Checkpoint
    15-11-2016 15:22:13 Avast reinstall
    15-11-2016 15:33:13 avast zoom restore
    15-11-2016 15:58:41 Installed Windows XP Wdf01009.
    15-11-2016 17:57:50 before wdf01009 restore
    15-11-2016 17:58:07 Restore Operation
    15-11-2016 18:41:19 Installed Windows XP Wdf01009.
    16-11-2016 17:34:42 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
    17-11-2016 10:50:55 Software Distribution Service 3.0
    18-11-2016 10:13:50 Software Distribution Service 3.0
    19-11-2016 09:27:02 Software Distribution Service 3.0
    19-11-2016 09:41:09 Update to an unsigned driver
    01-12-2016 10:26:19 System Checkpoint
    03-12-2016 10:35:43 System Checkpoint
    05-12-2016 12:10:27 System Checkpoint

    ==================== Faulty Device Manager Devices =============

    Name: Parallel Device
    Description: Parallel Device
    Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Manufacturer:
    Service: HPFECP13
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware

    Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (11/17/2016 11:38:28 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to

    compile: System.EnterpriseServices, Version=4.0.0.0, Culture=neutral,

    PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070020

    Error: (11/15/2016 04:48:32 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application nvsvc32.exe, version 6.14.13.142, faulting module nvapi.dll,

    version 6.14.13.2101, fault address 0x000f0094.
    Processing media-specific event for [nvsvc32.exe!ws!]

    Error: (11/15/2016 04:38:45 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 47.0.2.6148, faulting module

    mozglue.dll, version 47.0.2.6148, fault address 0x0000f03d.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (08/24/2016 11:02:33 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module

    mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (08/20/2016 12:58:14 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application mbam.exe, version 2.3.125.0, faulting module msvcr100.dll, version

    10.0.40219.325, fault address 0x0008d6fd.
    Processing media-specific event for [mbam.exe!ws!]

    Error: (06/30/2016 09:01:25 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module

    mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (06/30/2016 06:56:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module

    mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (03/10/2016 01:58:30 AM) (Source: MsiInstaller) (EventID: 11706) (User: FLOYD)
    Description: Product: Microsoft Office XP Professional with FrontPage -- Error 1706. Setup cannot

    find the required files. Check your connection to the network, or CD-ROM drive. For other potential

    solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.

    Error: (03/10/2016 01:58:18 AM) (Source: MsiInstaller) (EventID: 11706) (User: FLOYD)
    Description: Product: Microsoft Office XP Professional with FrontPage -- Error 1706. Setup cannot

    find the required files. Check your connection to the network, or CD-ROM drive. For other potential

    solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.

    Error: (02/23/2016 07:51:56 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application mbam.exe, version 2.3.125.0, faulting module mbamcore.dll, version

    1.3.24.0, fault address 0x000ee697.
    Processing media-specific event for [mbam.exe!ws!]


    System errors:
    =============
    Error: (12/03/2016 09:01:44 PM) (Source: Dhcp) (EventID: 1002) (User: )
    Description: The IP address lease 192.168.1.4 for the Network Card with network address 6CF0495DADFF

    has been
    denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

    Error: (12/03/2016 09:15:42 AM) (Source: Dhcp) (EventID: 1000) (User: )
    Description: Your computer has lost the lease to its IP address 192.168.1.4 on the
    Network Card with network address 6CF0495DADFF.

    Error: (12/01/2016 01:37:40 PM) (Source: DCOM) (EventID: 10000) (User: FLOYD)
    Description: Unable to start a DCOM Server: {E0B8F398-BB08-4298-87F0-34502693902E}.
    The error:
    "%%2 = The system cannot find the file specified."
    Happened while starting this command:
    C:\Program Files\Messenger\msmsgs.exe -Embedding

    Error: (12/01/2016 07:26:24 AM) (Source: System Error) (EventID: 1003) (User: )
    Description: Error code 00000024, parameter1 001902fe, parameter2 b289e2a8, parameter3 b289dfa4,

    parameter4 8054bfcb.

    Error: (12/01/2016 07:23:12 AM) (Source: 0) (EventID: 1) (User: )
    Description: Event-ID 1

    Error: (11/30/2016 11:43:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.

    Error: (11/19/2016 11:43:46 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to

    start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error: (11/19/2016 11:38:25 AM) (Source: DCOM) (EventID: 10005) (User: FLOYD)
    Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to

    start the service netman with arguments ""
    in order to run the server:
    {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Error: (11/19/2016 11:38:20 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084 = This service cannot be started in Safe Mode" attempting to

    start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error: (11/19/2016 11:36:34 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    AFD
    aswRdr
    aswRvrt
    aswSnx
    aswSP
    aswVmm
    Fips
    intelppm
    IPSec
    MRxSmb
    NetBIOS
    NetBT
    RasAcd
    Rdbss
    Tcpip
    WS2IFSL


    ==================== Memory info ===========================

    Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz
    Percentage of memory in use: 41%
    Total physical RAM: 3070.42 MB
    Available physical RAM: 1787.27 MB
    Total Virtual: 4709.58 MB
    Available Virtual: 3474.72 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:111.79 GB) (Free:37.01 GB) NTFS ==>[drive with boot components (Windows

    XP)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: 18C15174)
    Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

  8. This is a new entry (Dec. 1) - Mini120116-01.dmp

    Yeah, that screen shot was not as bad as the other.  I tried to capture another one, but I was prompted that I did not have enough memory to do so.  You can see in the upper left some black.  That was about three times as big and the same for inside the save as box.  Almost the entire save as box was not viewable.  This happened when you click save to file.  All of the desktop icons flicker when you click it as well.  Here is the SAlog:

    Result of Security Analysis by Rocket Grannie (x86) Updated: 20th November, 2016
    Running from:C:\Documents and Settings\poi\Desktop (16:19:00 - 12/03/2016)
    ***---------------------------------------------------------***
    Microsoft Windows XP Professional X86 Service Pack 3
    *WARNING* Windows XP is no longer supported
    Internet Explorer 8
    Default Browser: Firefox
    ***------------Antivirus - Antispyware - Firewall-----------***
    Avast Antivirus (Disabled - Up to Date)
    Windows Firewall (Enabled)
    *No other Firewall Installed*
    ***-------Security Programs - Browsers - Miscellaneous------***
    Adobe Flash Player Plugin (version 23.0.0.207)
    Adobe Flash Player 23 ActiveX (version 23.0.0.205)
    Malwarebytes Anti-Malware (version 2.2.1.1043)

    Adobe Reader XI (version 11.0.08) is *out of Date*
    Firefox (version 47.0.2) is *out of Date*

    ***----------------Analysis Complete-------------------------***

     

    Thanks

  9. No, I don't think there is an infection.  I am just trying to give a comparison because it is so unstable.  When the ESET scanner was running, my display was really bizarre.  I attached a screenshot, but it is not as bizarre as the other one I had.  The whole "inside" of the ESET box was my desktop at one point.  And then when I went to save the log, you could see the icons "through" the ESET box.  This is the log:

     

    C:\Documents and Settings\poi\Desktop\CouponPrinter.exe      a variant of Win32/Adware.Coupons.AA application   

    C:\Documents and Settings\poi\My Documents\Downloads\CuteWriter.exe       a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application    

     

    Thanks for all your continued help.

     

     

    Screenshot2.doc

  10. Okay.  I apologize for having to put the thread on hold, but the holidays were crazy.  Thank you for your patience.  Trying to update the driver did not lead to a good outcome.  I tried three different options and only one of them even allowed me to open the NVIDIA control panel.  Once I opened it, it would not allow me to resize the desktop to fit my television.  I finally was able to roll it back to the origninal driver 6.14.12.8026 released 8/3/2011.  I assume this is the original since it won't let me roll it back anymore.  I think it is older than the one that was installed when I started the thread.  The computer is still unstable as it froze again upon boot and I had to reboot.  Generally slow as well.  2 days ago, I had a crash and it looked like a blue screen before it rebooted on its own. I kinda missed it as I wasn't paying close attention.  This was the error after reboot:

     

    Error Signature

    BCCode : 24     BCP1 : 001902FE     BCP2 : B289E2A8     BCP3 : B289DFA4     
    BCP4 : 8054BFCB     OSVer : 5_1_2600     SP : 3_0     Product : 256_1     

    The following files will be included in this error report:

    C:\DOCUME~1\poi\LOCALS~1\Temp\WERd9e9.dir00\Mini120116-01.dmp
    C:\DOCUME~1\poi\LOCALS~1\Temp\WERd9e9.dir00\sysdata.xml

    Firefox crashed after this as well.  I've never had a computer so unstable and I have had bad infections before.

    Thanks

  11. I received a message stating that there may be a compliance issue with this driver and XP.  I aborted the installation.  However, I specified, or at least it was defaulted for XP on the download screen.  I tried to install an older driver and it caused my control panel to quit working (NVIDIA CP).  Should I just install the newest one anyway?

    TIA

  12. Here is the VEW log and the zip file is attached.  Thanks!

     

    Vino's Event Viewer v01c run on Windows XP in English
    Report run at 15/11/2016 2:02:27 PM

    Note: All dates below are in the format dd/mm/yyyy

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'Application' Date/Time: 24/08/2016 12:02:33 PM
    Type: error Category: 0
    Event: 1000 Source: Application Error
    Faulting application plugin-container.exe, version 47.0.0.5999, faulting module mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.

    Log: 'Application' Date/Time: 20/08/2016 1:58:14 PM
    Type: error Category: 0
    Event: 1000 Source: Application Error
    Faulting application mbam.exe, version 2.3.125.0, faulting module msvcr100.dll, version 10.0.40219.325, fault address 0x0008d6fd.

    Log: 'Application' Date/Time: 30/06/2016 10:01:25 PM
    Type: error Category: 0
    Event: 1000 Source: Application Error
    Faulting application plugin-container.exe, version 47.0.0.5999, faulting module mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.

    Log: 'Application' Date/Time: 30/06/2016 7:56:10 PM
    Type: error Category: 0
    Event: 1000 Source: Application Error
    Faulting application plugin-container.exe, version 47.0.0.5999, faulting module mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.

    Log: 'Application' Date/Time: 10/03/2016 1:58:30 AM
    Type: error Category: 0
    Event: 11706 Source: MsiInstaller
    Product: Microsoft Office XP Professional with FrontPage -- Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.

    Log: 'Application' Date/Time: 10/03/2016 1:58:18 AM
    Type: error Category: 0
    Event: 11706 Source: MsiInstaller
    Product: Microsoft Office XP Professional with FrontPage -- Error 1706. Setup cannot find the required files. Check your connection to the network, or CD-ROM drive. For other potential solutions to this problem, see C:\Program Files\Microsoft Office\Office10\1033\SETUP.HLP.

    Log: 'Application' Date/Time: 23/02/2016 7:51:56 PM
    Type: error Category: 0
    Event: 1000 Source: Application Error
    Faulting application mbam.exe, version 2.3.125.0, faulting module mbamcore.dll, version 1.3.24.0, fault address 0x000ee697.

    Log: 'Application' Date/Time: 17/02/2016 2:10:09 AM
    Type: error Category: 100
    Event: 1000 Source: Application Error
    Faulting application svchost.exe, version 5.1.2600.5512, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x0001101a.

    Log: 'Application' Date/Time: 17/02/2016 1:53:42 AM
    Type: error Category: 0
    Event: 1000 Source: Application Error
    Faulting application steamwebhelper.exe, version 3.17.73.86, faulting module libcef.dll, version 3.2526.1348.0, fault address 0x00084133.

    Log: 'Application' Date/Time: 17/02/2016 1:52:52 AM
    Type: error Category: 0
    Event: 1000 Source: Application Error
    Faulting application steamwebhelper.exe, version 3.17.73.86, faulting module libcef.dll, version 3.2526.1348.0, fault address 0x00084133.

    Log: 'Application' Date/Time: 17/02/2016 1:52:28 AM
    Type: error Category: 0
    Event: 1000 Source: Application Error
    Faulting application steamwebhelper.exe, version 3.17.73.86, faulting module libcef.dll, version 3.2526.1348.0, fault address 0x00084133.

    Log: 'Application' Date/Time: 17/02/2016 1:50:27 AM
    Type: error Category: 0
    Event: 1000 Source: Application Error
    Faulting application steamwebhelper.exe, version 3.17.73.86, faulting module libcef.dll, version 3.2526.1348.0, fault address 0x00084133.

    Log: 'Application' Date/Time: 17/02/2016 1:49:28 AM
    Type: error Category: 0
    Event: 1000 Source: Application Error
    Faulting application steamwebhelper.exe, version 3.17.73.86, faulting module libcef.dll, version 3.2526.1348.0, fault address 0x00084133.

    Log: 'Application' Date/Time: 17/02/2016 1:48:57 AM
    Type: error Category: 0
    Event: 1000 Source: Application Error
    Faulting application steamwebhelper.exe, version 3.17.73.86, faulting module libcef.dll, version 3.2526.1348.0, fault address 0x00084133.

    Log: 'Application' Date/Time: 17/02/2016 1:48:46 AM
    Type: error Category: 0
    Event: 1000 Source: Application Error
    Faulting application steamwebhelper.exe, version 3.17.73.86, faulting module libcef.dll, version 3.2526.1348.0, fault address 0x00084133.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 14/11/2016 2:19:39 PM
    Type: error Category: 0
    Event: 10000 Source: DCOM
    Unable to start a DCOM Server: {E0B8F398-BB08-4298-87F0-34502693902E}. The error: "%2" Happened while starting this command: C:\Program Files\Messenger\msmsgs.exe -Embedding

    Log: 'System' Date/Time: 14/11/2016 9:16:17 AM
    Type: error Category: 0
    Event: 7000 Source: Service Control Manager
    The NVIDIA Update Service Daemon service failed to start due to the following error:  The service did not start due to a logon failure.  

    Log: 'System' Date/Time: 14/11/2016 9:16:17 AM
    Type: error Category: 0
    Event: 7038 Source: Service Control Manager
    The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:  Logon failure: the specified account password has expired.   To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

    Log: 'System' Date/Time: 14/11/2016 9:04:08 AM
    Type: error Category: 0
    Event: 7011 Source: Service Control Manager
    Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.

    Log: 'System' Date/Time: 14/11/2016 9:03:46 AM
    Type: error Category: 0
    Event: 7011 Source: Service Control Manager
    Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.

    Log: 'System' Date/Time: 14/11/2016 9:02:44 AM
    Type: error Category: 0
    Event: 7000 Source: Service Control Manager
    The NVIDIA Update Service Daemon service failed to start due to the following error:  The service did not start due to a logon failure.  

    Log: 'System' Date/Time: 14/11/2016 9:02:44 AM
    Type: error Category: 0
    Event: 7038 Source: Service Control Manager
    The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:  Logon failure: the specified account password has expired.   To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

    Log: 'System' Date/Time: 13/11/2016 2:37:24 PM
    Type: error Category: 0
    Event: 7000 Source: Service Control Manager
    The NVIDIA Update Service Daemon service failed to start due to the following error:  The service did not start due to a logon failure.  

    Log: 'System' Date/Time: 13/11/2016 2:37:24 PM
    Type: error Category: 0
    Event: 7038 Source: Service Control Manager
    The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:  Logon failure: the specified account password has expired.   To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

    Log: 'System' Date/Time: 12/11/2016 4:38:21 PM
    Type: error Category: 0
    Event: 7000 Source: Service Control Manager
    The NVIDIA Update Service Daemon service failed to start due to the following error:  The service did not start due to a logon failure.  

    Log: 'System' Date/Time: 12/11/2016 4:38:21 PM
    Type: error Category: 0
    Event: 7038 Source: Service Control Manager
    The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:  Logon failure: the specified account password has expired.   To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

    Log: 'System' Date/Time: 12/11/2016 4:55:22 AM
    Type: error Category: 0
    Event: 7011 Source: Service Control Manager
    Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.

    Log: 'System' Date/Time: 12/11/2016 4:54:21 AM
    Type: error Category: 0
    Event: 7000 Source: Service Control Manager
    The NVIDIA Update Service Daemon service failed to start due to the following error:  The service did not start due to a logon failure.  

    Log: 'System' Date/Time: 12/11/2016 4:54:21 AM
    Type: error Category: 0
    Event: 7038 Source: Service Control Manager
    The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:  Logon failure: the specified account password has expired.   To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

    Log: 'System' Date/Time: 12/11/2016 4:49:46 AM
    Type: error Category: 0
    Event: 7000 Source: Service Control Manager
    The NVIDIA Update Service Daemon service failed to start due to the following error:  The service did not start due to a logon failure.  

     

    Minidump.zip

  13. Well, I still have had a significant number of "freezes" where I had to do a hard reboot.  No BSOD.  I realize this is an old machine in its twilight, but I have had very few problems with it.  Any ideas?  I noticed in the "addition" file there are thousands of "restricted sites" listed.  Are these standard for IE?  I very rarely use IE so I have no idea.  These don't show up in the IE browser.  Seems odd.

    Thanks

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.