OK, I'll do it here.
Additional scan result of Farbar Recovery Scan Tool (x86) Version:09-12-2015
Ran by roy (2015-12-11 21:57:48)
Running from C:\Documents and Settings\Roy\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) (2008-08-18 00:06:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-57989841-436374069-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator.S-87
ASPNET (S-1-5-21-57989841-436374069-725345543-1004 - Limited - Enabled)
Guest (S-1-5-21-57989841-436374069-725345543-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-57989841-436374069-725345543-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-57989841-436374069-725345543-1002 - Limited - Disabled)
User (S-1-5-21-57989841-436374069-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\User
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 5.5 (HKLM\...\{D2261C4B-4D9B-4149-8472-31B7A2FEAB91}) (Version: - ArcSoft)
ATECH FLASH PRO-9XP (HKLM\...\{B84C053E-DBF1-4C75-BB05-2A1751DFB941}) (Version: - )
Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)
Belarc Advisor 8.3 (HKLM\...\Belarc Advisor) (Version: 8.3.2.0 - Belarc Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon CanoScan Toolbox 4.9 (HKLM\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version: - Microsoft Corporation)
Data Lifeguard Diagnostic for Windows (HKLM\...\{E40CE517-0D42-4198-96B4-C8232B257EB5}) (Version: 1.13 - Western Digital Corporation)
EasyLog USB (HKLM\...\{F2C943A7-FF9C-4762-9EF4-9306B9C562D8}) (Version: 4.5.0 - Lascar Electronics Ltd.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
EVEREST Ultimate Edition v4.60 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 4.60 - Lavalys, Inc.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.41 - Irfan Skiljan)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.600 - Oracle)
KhalInstallWrapper (Version: 4.60.122 - Logitech) Hidden
LAN-Fax Utilities (HKLM\...\LAN-Fax Utilities) (Version: - )
Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.60 - Logitech)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM\...\{C950420B-4182-49EA-850A-A6A2ABF06C6B}) (Version: 9.12.4.3 - Marvell)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSN (HKLM\...\MSNINST) (Version: - )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
MWSnap 3 (HKLM\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
Neat Image v6.1 Home+ (HKLM\...\Neat Image_is1) (Version: - Neat Image team, ABSoft)
Nero Suite (HKLM\...\NeroMultiInstaller!UninstallKey) (Version: - )
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.23 - BVRP Software, Inc)
Nitro Reader 3 (HKLM\...\{F5451D00-B448-4E9A-82DC-1929F4F1910D}) (Version: 3.5.6.5 - Nitro)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)
PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version: - Tracker Software)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - CyberLink Corporation)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.28 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SpywareBlaster 5.2 (HKLM\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Terrain Navigator (Version: 8.51 - MyTopo) Hidden
Terrain Navigator Pro (HKLM\...\Terrain Navigator Pro) (Version: - MyTopo)
TSR Watermark Image software version 3.1.0.3 - Free version (HKLM\...\TSR Watermark Image - Free version_is1) (Version: 3.1.0.3 - TSR Software)
TypeC3000 TWAIN Driver Ver.4 (HKLM\...\{B8889795-64FC-43CD-8333-ACE45B235233}) (Version: 4.19.02 - )
Uninstall Dual Mode Camera (HKLM\...\Dual Mode Camera_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USB Modem (HKLM\...\CNXT_MODEM_USB_ACF) (Version: 2.0.22.0 - Conexant)
ViewSonic Monitor Drivers (HKLM\...\{B4FEA924-630D-11D4-B78E-005004566E4D}) (Version: - )
VueScan x32 (HKLM\...\VueScan x32) (Version: - )
WD Drive Manager (x86) (HKLM\...\{CCD04643-5246-48AC-9D8C-F43A37BB8F36}) (Version: 2.107 - Western Digital)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\WinDirStat) (Version: - )
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
Zoom External V92 Voice Faxmodem (HKLM\...\{FD7CC85D-49CD-43ED-817F-9C01262CD7CE}) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109_Classes\CLSID\{0BBFE402-CCA1-4f64-9322-13B66D841049}\InprocServer32 -> C:\Documents and Settings\Roy\Local Settings\Application Data\TechSmith\SnagIt\Accessories\{23102CBF (the data entry has 51 more characters).
CustomCLSID: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109_Classes\CLSID\{25D005BF-FE63-4cce-AA25-CE952B1D9381}\InprocServer32 -> C:\Documents and Settings\Roy\Local Settings\Application Data\TechSmith\SnagIt\Accessories\{638B203F (the data entry has 57 more characters).
CustomCLSID: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109_Classes\CLSID\{54050FBB-F2AE-404b-8BFD-7EE3EC784A52}\InprocServer32 -> C:\Documents and Settings\Roy\Local Settings\Application Data\TechSmith\SnagIt\Accessories\{18AA4E21 (the data entry has 52 more characters).
CustomCLSID: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109_Classes\CLSID\{6B1948B3-9547-42F8-9B37-7AA9768134C4}\InprocServer32 -> C:\Documents and Settings\Roy\Local Settings\Application Data\TechSmith\SnagIt\Accessories\{23102CBF (the data entry has 51 more characters).
==================== Restore Points =========================
07-11-2015 10:31:48 System Checkpoint
08-11-2015 15:40:18 System Checkpoint
09-11-2015 16:45:29 System Checkpoint
11-11-2015 08:47:29 System Checkpoint
12-11-2015 15:19:21 System Checkpoint
13-11-2015 16:17:14 System Checkpoint
14-11-2015 19:24:29 System Checkpoint
15-11-2015 20:46:20 System Checkpoint
17-11-2015 11:07:27 System Checkpoint
18-11-2015 18:17:16 System Checkpoint
19-11-2015 18:21:20 System Checkpoint
20-11-2015 22:48:46 System Checkpoint
22-11-2015 11:18:30 System Checkpoint
23-11-2015 11:40:50 System Checkpoint
24-11-2015 11:54:26 System Checkpoint
26-11-2015 12:58:46 System Checkpoint
27-11-2015 13:44:38 System Checkpoint
28-11-2015 14:11:21 System Checkpoint
29-11-2015 14:29:29 System Checkpoint
30-11-2015 16:23:56 System Checkpoint
02-12-2015 01:36:41 System Checkpoint
03-12-2015 11:35:23 Revo Uninstaller's restore point - Java 7 Update 60
03-12-2015 11:36:43 Removed Java 7 Update 51
05-12-2015 04:22:33 System Checkpoint
06-12-2015 04:54:59 System Checkpoint
07-12-2015 09:23:42 System Checkpoint
07-12-2015 20:49:55 Restore Operation
09-12-2015 00:12:15 System Checkpoint
10-12-2015 13:37:19 System Checkpoint
11-12-2015 14:26:53 System Checkpoint
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2007-07-27 04:00 - 2015-10-18 10:07 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cc0453e42803f0.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cc0453e471ec79.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-06-28 17:55 - 2015-08-29 13:33 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-28 17:55 - 2015-08-29 13:33 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-11 10:40 - 2015-12-11 10:40 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15121102\algo.dll
2007-07-13 16:05 - 2000-04-20 17:17 - 00045056 _____ () C:\WINDOWS\system32\XRXLM.DLL
2007-07-27 04:00 - 2013-06-03 23:23 - 00562688 _____ () C:\WINDOWS\system32\qedit.dll
2007-07-27 04:00 - 2008-04-14 04:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2007-07-27 04:00 - 2013-01-01 22:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2007-07-27 04:00 - 2008-04-14 04:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2014-04-05 00:18 - 2015-06-28 17:55 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:9B013599
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\google.com -> hxxps://www.google.com
IE trusted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\live.com -> hxxps://blu177.mail.live.com
IE trusted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\outlook.com -> hxxps://outlook.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\1001movie.com -> 1001movie.com
There are 6091 more sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.4 - 64.136.173.147
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VIA RAID TOOL.lnk => C:\WINDOWS\pss\VIA RAID TOOL.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^Roy^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\WINDOWS\pss\OneNote 2010 Screen Clipper and Launcher.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: NeroFilterCheck => C:\WINDOWS\system32\NeroCheck.exe
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: Synchronization Manager => %SystemRoot%\system32\mobsync.exe /logon
MSCONFIG\startupreg: WD Drive Manager => C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
DomainProfile\AuthorizedApplications: [C:\Program Files\a la mode\Sched\eSched.exe] => Enabled:a la mode Assistant
DomainProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\GROOVE.EXE] => Enabled:Microsoft Office Groove
DomainProfile\AuthorizedApplications: [C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe] => Enabled:BitDefender Manual Scan
DomainProfile\AuthorizedApplications: [C:\Program Files\BitDefender\BitDefender 2008\seccenter.exe] => Enabled:seccenter
DomainProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE] => Enabled:Microsoft OneNote
DomainProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
DomainProfile\AuthorizedApplications: [C:\Program Files\Messenger\msmsgs.exe] => Enabled:Windows Messenger
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe] => Enabled:WebKit
DomainProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour Service
DomainProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes
StandardProfile\AuthorizedApplications: [C:\Program Files\CA\eTrust Antivirus\Realmon.exe] => Enabled:Realmon
StandardProfile\AuthorizedApplications: [C:\Program Files\CA\eTrust Antivirus\InocIT.exe] => Enabled:InocIT
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\GROOVE.EXE] => Enabled:Microsoft Office Groove
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE] => Enabled:Microsoft Office OneNote
StandardProfile\AuthorizedApplications: [C:\Program Files\a la mode\Sched\eSched.exe] => Enabled:a la mode Assistant
StandardProfile\AuthorizedApplications: [C:\Program Files\Internet Explorer\iexplore.exe] => Enabled:Internet Explorer
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe] => Enabled:WebKit
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\Zoom\Config\MOHConfig.exe] => Enabled:MOHConfig.exe
DomainProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled
xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled
xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled
xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled
xpsp2res.dll,-22002
DomainProfile\GloballyOpenPorts: [3389:TCP] => Disabled
xpsp2res.dll,-22009
DomainProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled
xpsp2res.dll,-22007
DomainProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled
xpsp2res.dll,-22008
DomainProfile\GloballyOpenPorts: [3393:TCP] => Enabled:3393
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled
xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled
xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled
xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled
xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [3389:TCP] => Disabled
xpsp2res.dll,-22009
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled
xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled
xpsp2res.dll,-22008
==================== Faulty Device Manager Devices =============
Name: RAID Controller
Description: RAID Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/11/2015 09:04:00 PM) (Source: Userenv) (EventID: 1054) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The workstation driver is not installed. ). Group Policy processing aborted.
Error: (12/11/2015 09:01:39 PM) (Source: Userenv) (EventID: 1054) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The workstation driver is not installed. ). Group Policy processing aborted.
Error: (12/11/2015 07:29:59 PM) (Source: Userenv) (EventID: 1054) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The workstation driver is not installed. ). Group Policy processing aborted.
Error: (12/11/2015 07:29:59 PM) (Source: Userenv) (EventID: 1521) (User: MNA)
Description: Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you logoff. Possible causes of this error include network problems or insufficient security rights. If this problem persists, contact your network administrator.
DETAIL - The network is not present or not started.
Error: (12/11/2015 07:28:35 PM) (Source: AutoEnrollment) (EventID: 15) (User: )
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x80070836). The workstation driver is not installed.
Enrollment will not be performed.
Error: (12/11/2015 07:28:35 PM) (Source: Userenv) (EventID: 1054) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The workstation driver is not installed. ). Group Policy processing aborted.
Error: (12/11/2015 06:27:33 PM) (Source: Userenv) (EventID: 1054) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The workstation driver is not installed. ). Group Policy processing aborted.
Error: (12/11/2015 06:12:38 PM) (Source: Userenv) (EventID: 1054) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The workstation driver is not installed. ). Group Policy processing aborted.
Error: (12/11/2015 04:49:33 PM) (Source: Userenv) (EventID: 1054) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The workstation driver is not installed. ). Group Policy processing aborted.
Error: (12/11/2015 04:37:38 PM) (Source: Userenv) (EventID: 1054) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The workstation driver is not installed. ). Group Policy processing aborted.
System errors:
=============
Error: (12/11/2015 07:29:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE
Error: (12/11/2015 07:29:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Java Quick Starter service failed to start due to the following error:
%%3
Error: (12/11/2015 09:30:45 AM) (Source: W32Time) (EventID: 29) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
Error: (12/11/2015 09:30:45 AM) (Source: W32Time) (EventID: 17) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time-c.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Error: (12/11/2015 06:28:33 AM) (Source: W32Time) (EventID: 29) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
Error: (12/11/2015 06:28:33 AM) (Source: W32Time) (EventID: 17) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time-c.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Error: (12/11/2015 06:24:39 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE
Error: (12/11/2015 06:24:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Java Quick Starter service failed to start due to the following error:
%%3
Error: (12/10/2015 09:15:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE
Error: (12/10/2015 09:15:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Java Quick Starter service failed to start due to the following error:
%%3
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of memory in use: 37%
Total physical RAM: 2047.48 MB
Available physical RAM: 1287.75 MB
Total Virtual: 4394.32 MB
Available Virtual: 3847.29 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:149.04 GB) (Free:59.23 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive i: (1 NEW SCANS) (Removable) (Total:30.46 GB) (Free:9.94 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: E7F3E7F3)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (MBR Code: Windows 7 or Vista) (Size: 30.5 GB) (Disk ID: 438CA2E6)
Partition 1: (Active) - (Size=30.5 GB) - (Type=0C)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-12-2015
Ran by roy (administrator) on S-87 (11-12-2015 21:56:02)
Running from C:\Documents and Settings\Roy\My Documents\Downloads
Loaded Profiles: roy (Available Profiles: roy & User & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\soundman.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2006-08-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [Microsoft Default Manager] => C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
Winlogon\Notify\LMIinit: C:\WINDOWS\system32\LMIinit.dll [2012-11-17] (LogMeIn, Inc.)
HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\...\MountPoints2: {dc788d96-1bc5-11de-94d8-001485870c09} - J:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-29] (AVAST Software)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2008-08-18]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
GroupPolicyScripts\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\..\Interfaces\{3686E2F9-BDC0-43D5-A90F-256586BE0028}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6E426E0E-BEEE-40F5-A44C-42312776BD0F}: [NameServer] 64.136.173.147 64.136.164.146
Tcpip\..\Interfaces\{8B134E05-811E-4F1B-A5EC-542702CFBB08}: [NameServer] 192.168.0.4
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
HKU\S-1-5-21-2101575691-1799400712-1289588436-1109\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.foxnews.com/
hxxp://www.bing.com/?scope=web&mkt=en-US&FORM=MSNH14
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll => No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-29] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => No File
Toolbar: HKLM - No Name - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-2101575691-1799400712-1289588436-1109 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-03-29] (Belarc, Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Roy\Application Data\Mozilla\Firefox\Profiles\oms9zlzf.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [No File]
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1222172.dll [2015-11-18] (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @movenetworks.com/Quantum Media Player -> C:\Documents and Settings\Roy\Application Data\Move Networks\plugins\npqmp071502000008.dll [No File]
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [No File]
FF Extension: WOT - C:\Documents and Settings\Roy\Application Data\Mozilla\Firefox\Profiles\oms9zlzf.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10]
FF Extension: DoNotTrackMe - C:\Documents and Settings\Roy\Application Data\Mozilla\Firefox\Profiles\oms9zlzf.default\Extensions\[email protected] [2013-08-14] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-29] [not signed]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-28]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-29] (AVAST Software)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-07-26] (Nitro PDF Software)
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400 2008-07-24] (WDC) [File not signed]
S4 bddepsrv; "C:\WINDOWS\_BDDEP_\bddepsrv.exe" /service [X]
S2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 acfva; C:\WINDOWS\System32\DRIVERS\ACFVA32.sys [87040 2011-02-14] (Conexant Systems Inc.) [File not signed]
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4017536 2006-08-18] (Realtek Semiconductor Corp.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-08-29] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-08-29] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-08-29] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-08-29] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [794952 2015-11-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [435464 2015-11-06] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [161472 2015-08-29] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-08-29] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-08-29] (AVAST Software)
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2011-08-09] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 CYGF32X; C:\WINDOWS\System32\drivers\CygF32x.sys [9600 2003-12-11] (Cygnal Integrated Products) [File not signed]
R3 dgcfltr; C:\WINDOWS\System32\DRIVERS\ACFDCP32.sys [28928 2011-02-14] (Conexant Systems, Inc.) [File not signed]
S3 JL2005C; C:\WINDOWS\System32\Drivers\jl2005c.sys [62794 2007-04-10] (Windows (R) 2000 DDK provider) [File not signed]
S3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [54360 2014-11-28] (Malwarebytes Corporation)
R2 mdmxsdk; C:\WINDOWS\System32\DRIVERS\ACFSDK32.sys [12672 2011-02-14] (Conexant) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [41984 2011-02-18] (Apple, Inc.) [File not signed]
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [285952 2007-12-06] (Marvell)
S0 gdxwdm; system32\DRIVERS\GDXWDM.sys [X]
S4 LMIRfsClientNP; no ImagePath
S1 SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-11 21:55 - 2015-12-11 21:56 - 00000000 ____D C:\FRST
2015-12-11 21:44 - 2015-12-11 21:44 - 00000630 _____ C:\Documents and Settings\Roy\Desktop\Shortcut to FRST.exe.lnk
2015-12-11 02:05 - 2015-12-11 02:05 - 00000685 _____ C:\Documents and Settings\All Users\Desktop\IrfanView.lnk
2015-12-09 16:34 - 2015-12-09 16:34 - 00000532 _____ C:\Documents and Settings\All Users\Desktop\MSN2.lnk
2015-12-09 13:44 - 2015-12-09 13:44 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2015-12-07 14:59 - 2015-12-07 14:59 - 00000110 _____ C:\Documents and Settings\Roy\Desktop\Configure Windows Firewall to allow Firefox access to the Internet Firefox Help.URL
2015-12-07 14:10 - 2015-12-07 14:55 - 00000000 ____D C:\Documents and Settings\Roy\Desktop\New connection issues
2015-12-06 18:58 - 2015-12-06 18:58 - 00000116 _____ C:\Documents and Settings\Roy\Desktop\WinXP Autoenrollment cannot reach an Active Directory domain controller - message.URL
2015-12-06 18:49 - 2015-12-06 18:49 - 00000118 _____ C:\Documents and Settings\Roy\Desktop\windows server 2003 - Autoenrollment Feature Cannot Reach Active Directory - Server Fault.URL
2015-12-06 13:01 - 2015-12-06 13:01 - 00000092 _____ C:\Documents and Settings\Roy\Desktop\Enable or Disable the UPnP Framework Firewall Rule Windows Firewall (WF).URL
2015-12-06 12:26 - 2015-12-06 12:26 - 00000063 _____ C:\Documents and Settings\Roy\Desktop\NIST Internet Time Service.URL
2015-12-06 06:30 - 2015-12-06 06:30 - 00000071 _____ C:\Documents and Settings\Roy\Desktop\Microsoft Support.URL
2015-12-04 15:29 - 2015-12-04 15:29 - 00000063 _____ C:\Documents and Settings\Roy\Desktop\Image resolution for the video monitor screen.URL
2015-12-04 12:32 - 2015-12-04 12:56 - 00000095 _____ C:\Documents and Settings\Roy\Desktop\GeForce Garage How To Calibrate Your Monitor GeForce.URL
2015-12-04 12:00 - 2015-12-04 12:00 - 00000066 _____ C:\Documents and Settings\Roy\Desktop\HTTPS Everywhere FAQ Electronic Frontier Foundation.URL
2015-12-04 11:38 - 2015-12-04 12:03 - 00000097 _____ C:\Documents and Settings\Roy\Desktop\Advanced panel - Accessibility, browsing, network, updates, and other advanced settings in Firefox Firefox Help.URL
2015-12-04 10:39 - 2015-12-04 10:39 - 00000103 _____ C:\Documents and Settings\Roy\Desktop\Google HTTP Search, yes, it is still possible - gHacks Tech News.URL
2015-12-03 14:01 - 2015-12-03 14:01 - 00000058 _____ C:\Documents and Settings\Roy\Desktop\Adobe - Adobe Shockwave Player.URL
2015-12-03 13:03 - 2015-12-03 13:03 - 00000103 _____ C:\Documents and Settings\Roy\Desktop\Install Shockwave Player Windows XP.URL
2015-12-03 11:31 - 2015-12-03 11:31 - 00000000 ____D C:\Documents and Settings\Roy\Application Data\Oracle
2015-12-03 00:13 - 2008-05-19 18:16 - 00186407 _____ C:\WINDOWS\system32\nvapps.nvb
2015-12-03 00:12 - 2015-12-03 00:12 - 00000000 ____D C:\NVIDIA
2015-12-03 00:04 - 2015-12-03 00:04 - 00000103 _____ C:\Documents and Settings\Roy\Desktop\Installing video card.URL
2015-12-02 20:46 - 2015-12-02 20:46 - 00000077 _____ C:\Documents and Settings\Roy\Desktop\NVIDIA DRIVERS 175.19WHQL.URL
2015-12-02 20:29 - 2015-12-02 20:29 - 00000109 _____ C:\Documents and Settings\Roy\Desktop\BkNVRel175_XP.book - 175.19_WinXP_GeForce_Release_Notes.pdf.URL
2015-12-02 20:07 - 2015-12-02 20:07 - 00000552 _____ C:\WINDOWS\system32\d3d8caps.dat
2015-12-02 14:42 - 2015-12-03 07:45 - 00000000 ____D C:\Documents and Settings\Roy\Desktop\12 2 15 Misc desktop
2015-11-30 18:53 - 2015-11-30 18:53 - 00000085 _____ C:\Documents and Settings\Roy\Desktop\W32 Time Error - Windows XP - All Editions - The Elder Geek on Windows.URL
2015-11-28 12:54 - 2015-11-28 12:54 - 00000137 _____ C:\Documents and Settings\Roy\Desktop\StraightTalk transfer number.URL
2015-11-26 20:10 - 2015-11-26 20:10 - 00000258 _____ C:\Documents and Settings\Roy\Desktop\Amazon.com bluetooth usb adapter for pc Electronics.URL
2015-11-18 21:23 - 2015-11-18 21:23 - 00000107 _____ C:\Documents and Settings\Roy\Desktop\Using ESET's Online Scanner MajorGeeks.Com Support Forums.URL
2015-11-16 07:57 - 2015-11-16 07:57 - 00000073 _____ C:\Documents and Settings\Roy\Desktop\TripCheck - Oregon Traveler Information.URL
2015-11-13 19:24 - 2015-11-13 19:24 - 00000086 _____ C:\Documents and Settings\Roy\Desktop\The World Factbook.URL
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-11 21:57 - 2011-02-24 06:03 - 00000000 ____D C:\Documents and Settings\Roy\Local Settings\Temp
2015-12-11 21:55 - 2013-07-13 18:02 - 00020324 _____ C:\WINDOWS\ModemLog_USB Modem.txt
2015-12-11 21:55 - 2008-08-17 08:38 - 00000000 ____D C:\WINDOWS
2015-12-11 21:04 - 2011-04-26 12:52 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cc0453e471ec79.job
2015-12-11 19:36 - 2013-07-04 20:35 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-12-11 19:30 - 2011-04-26 12:52 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cc0453e42803f0.job
2015-12-11 19:30 - 2008-08-17 16:43 - 00181423 ____C C:\WINDOWS\system32\nvapps.xml
2015-12-11 19:30 - 2007-07-27 04:00 - 00011936 _____ C:\WINDOWS\system32\wpa.dbl
2015-12-11 19:28 - 2008-08-17 16:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-11 19:28 - 2008-08-17 15:59 - 00000000 ____D C:\WINDOWS\Registration
2015-12-11 19:25 - 2011-02-24 06:03 - 00000268 ___SH C:\Documents and Settings\Roy\ntuser.ini
2015-12-11 19:25 - 2011-02-24 06:03 - 00000000 ____D C:\Documents and Settings\Roy
2015-12-11 19:25 - 2008-08-17 16:07 - 00032394 _____ C:\WINDOWS\SchedLgU.Txt
2015-12-11 09:30 - 2013-07-29 19:56 - 00000000 ____D C:\Documents and Settings\Roy\Desktop\Flooring photos
2015-12-09 19:01 - 2013-12-07 23:37 - 00000049 _____ C:\Documents and Settings\Roy\Desktop\Fox News - Breaking News Updates Latest News Headlines Photos & News Videos.URL
2015-12-09 13:06 - 2011-02-24 06:04 - 00000803 _____ C:\Documents and Settings\Roy\Start Menu\Programs\Internet Explorer.lnk
2015-12-09 13:06 - 2008-08-17 15:59 - 00000609 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
2015-12-09 12:56 - 2008-08-17 16:03 - 00001563 _____ C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2015-12-09 12:53 - 2011-02-24 06:31 - 00000000 ____D C:\Documents and Settings\Roy\Outlook Files
2015-12-09 10:42 - 2011-03-08 08:20 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp
2015-12-07 20:51 - 2011-02-24 06:00 - 00000000 ____D C:\Documents and Settings\administrator.MNA
2015-12-07 20:51 - 2011-02-24 05:53 - 00000000 ____D C:\Documents and Settings\Administrator.S-87
2015-12-07 20:51 - 2008-08-18 11:27 - 00000000 ____D C:\Documents and Settings\administrator
2015-12-07 20:51 - 2008-08-17 16:07 - 00000000 __SHD C:\Documents and Settings\NetworkService
2015-12-07 20:51 - 2008-08-17 16:07 - 00000000 __SHD C:\Documents and Settings\LocalService
2015-12-06 22:16 - 2014-01-19 12:18 - 00000000 ____D C:\Documents and Settings\Roy\Desktop\Forums
2015-12-06 06:39 - 2010-07-01 15:29 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TEMP
2015-12-06 00:30 - 2013-08-15 21:01 - 00000000 ____D C:\Documents and Settings\Roy\Desktop\1 New scans from 8 15
2015-12-04 16:14 - 2008-08-18 10:49 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\nView_Profiles
2015-12-03 16:37 - 2015-06-28 17:47 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-03 16:37 - 2015-06-28 17:47 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-12-03 14:02 - 2010-02-05 10:43 - 00000000 ____D C:\WINDOWS\system32\Adobe
2015-12-03 11:37 - 2008-08-17 16:55 - 00000000 ____D C:\Program Files\Java
2015-12-03 11:37 - 2008-08-17 16:55 - 00000000 ____D C:\Program Files\Common Files\Java
2015-12-03 00:17 - 2008-08-17 16:43 - 00000000 ____D C:\WINDOWS\nview
2015-12-03 00:13 - 2008-08-17 08:38 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2015-12-03 00:13 - 2008-08-17 08:38 - 00000000 ____D C:\WINDOWS\Help
2015-12-02 20:15 - 2011-03-09 22:29 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2015-12-02 20:06 - 2008-09-04 12:31 - 00000116 ____C C:\WINDOWS\NeroDigital.ini
2015-12-02 18:23 - 2008-08-17 08:38 - 00000000 ____D C:\WINDOWS\security
2015-12-02 15:38 - 2015-01-14 23:22 - 00000000 ____D C:\Documents and Settings\Roy\Desktop\Photo programs
2015-12-01 11:06 - 2015-07-04 12:28 - 00000000 ____D C:\Documents and Settings\Roy\Application Data\Nitro PDF
2015-11-29 20:04 - 2010-09-17 08:49 - 00131072 _____ C:\WINDOWS\system32\config\OAlerts.evt
2015-11-29 12:16 - 2014-02-13 23:18 - 00000000 ____D C:\Documents and Settings\Roy\Desktop\Weather
2015-11-18 18:38 - 2013-07-30 19:10 - 00000000 ____D C:\Documents and Settings\Roy\Application Data\Canon
2015-11-13 20:20 - 2013-07-16 22:32 - 00000000 ____D C:\Documents and Settings\Roy\Desktop\Ron
2015-11-11 17:53 - 2015-10-31 19:08 - 00000000 ____D C:\Documents and Settings\Roy\Local Settings\Application Data\Paint.NET
==================== Files in the root of some directories =======
2011-02-24 16:15 - 2011-02-24 16:15 - 0000760 ____C () C:\Documents and Settings\Roy\Application Data\setup_ldm.iss
2013-07-21 07:20 - 2015-08-08 10:08 - 0027136 _____ () C:\Documents and Settings\Roy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-05 13:20 - 2015-11-05 13:20 - 0001584 _____ () C:\Documents and Settings\Roy\Local Settings\Application Data\recently-used.xbel
Some files in TEMP:
====================
C:\Documents and Settings\User\Local Settings\Temp\sp_100003b.exe
C:\Documents and Settings\User\Local Settings\Temp\sp_200002d.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================