Over 1 million tech questions and answers.

JRT Scan Keeps Finding The Following Files

Q: JRT Scan Keeps Finding The Following Files

Hi, I wonder if anyone can help with this following log. It turns up intermittently when I scan it with the Junkware Removal Tool.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Professional x64 
Ran by laptop (Administrator) on 22/09/2016 at 21:36:47.79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 10 
 
Successfully deleted: C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7ZWQ6H4J (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CUN1QW0H (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB53EJGC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RCY3X9H6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRBKUU52 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7ZWQ6H4J (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CUN1QW0H (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB53EJGC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RCY3X9H6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRBKUU52 (Temporary Internet Files Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/09/2016 at 21:39:11.37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
FARBAR SCAN....
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2016
Ran by laptop (administrator) on LAPTOP-PC (16-10-2016 11:53:41)
Running from C:\Users\laptop\Downloads
Loaded Profiles: laptop (Available Profiles: laptop)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-09-16] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1284569799-4081718299-317326855-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1284569799-4081718299-317326855-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2C622BB7-9E72-41AE-BB93-F7F7C39EFF4E}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1284569799-4081718299-317326855-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-1284569799-4081718299-317326855-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.uk/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-05] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1284569799-4081718299-317326855-1000: @citrixonline.com/appdetectorplugin -> C:\Users\laptop\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-06-29] (Citrix Online)
 
Chrome: 
=======
CHR Profile: C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default [2016-10-16]
CHR Extension: (Google Drive) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-27]
CHR Extension: (YouTube) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-27]
CHR Extension: (Adblock Plus) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-24]
CHR Extension: (Google Docs Offline) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-27]
CHR Extension: (Gmail) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-27]
CHR Extension: (Chrome Media Router) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-21]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3192560 2016-07-26] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-09-18] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-16 11:53 - 2016-10-16 11:53 - 02406912 _____ (Farbar) C:\Users\laptop\Downloads\FRST64.exe
2016-10-16 11:53 - 2016-10-16 11:53 - 00009823 _____ C:\Users\laptop\Downloads\FRST.txt
2016-10-16 11:53 - 2016-10-16 11:53 - 00000000 ____D C:\FRST
2016-10-16 11:52 - 2016-10-16 11:52 - 01756672 _____ (Farbar) C:\Users\laptop\Downloads\FRST.exe
2016-10-11 11:05 - 2016-10-11 11:05 - 03874368 _____ C:\Users\laptop\Desktop\AdwCleaner.exe
2016-10-11 10:39 - 2016-10-11 10:40 - 00000000 ____D C:\Users\laptop\Desktop\Simon New
2016-09-20 20:50 - 2016-10-15 15:24 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-09-18 12:44 - 2016-09-18 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-09-18 12:44 - 2016-09-18 12:44 - 00000000 ____D C:\Program Files\RogueKiller
2016-09-17 15:35 - 2016-09-17 15:35 - 00012060 _____ C:\Users\laptop\Downloads\131549.pdf
2016-09-17 15:20 - 2016-09-17 15:20 - 01610560 _____ (Malwarebytes) C:\Users\laptop\Desktop\JRT.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-16 11:48 - 2015-10-30 22:30 - 00000000 ____D C:\ProgramData\MFAData
2016-10-16 11:47 - 2015-06-29 18:55 - 00000664 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1284569799-4081718299-317326855-1000.job
2016-10-16 11:45 - 2016-07-27 12:00 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-16 11:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-16 01:27 - 2015-06-29 18:55 - 00000568 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1284569799-4081718299-317326855-1000.job
2016-10-16 01:18 - 2016-07-27 12:00 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-15 23:53 - 2009-07-14 05:45 - 00022288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-15 23:53 - 2009-07-14 05:45 - 00022288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-15 11:43 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-12 15:29 - 2009-07-14 06:13 - 00781782 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-12 15:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-10-11 22:00 - 2015-02-09 17:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-10-11 11:07 - 2016-08-11 12:19 - 00000000 ____D C:\AdwCleaner
2016-10-11 10:47 - 2015-08-04 15:12 - 00000020 ____H C:\ProgramData\PKP_DLbx.DAT
2016-10-10 01:35 - 2015-08-27 15:41 - 00000000 ____D C:\Users\laptop\AppData\Local\CrashDumps
2016-10-08 23:03 - 2015-12-17 21:06 - 00000000 ____D C:\Users\laptop\AppData\Roaming\Skype
2016-10-04 11:11 - 2015-06-29 18:55 - 00003694 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1284569799-4081718299-317326855-1000
2016-10-04 11:11 - 2015-06-29 18:55 - 00003598 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1284569799-4081718299-317326855-1000
2016-10-03 22:20 - 2016-07-27 12:02 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 22:20 - 2016-07-27 12:02 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-03 17:01 - 2015-12-17 21:05 - 00000000 ____D C:\ProgramData\Skype
2016-09-28 23:28 - 2015-02-10 16:34 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-22 21:39 - 2016-07-27 12:07 - 00002201 _____ C:\Users\laptop\Desktop\JRT.txt
2016-09-21 07:55 - 2015-02-05 22:32 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-21 07:54 - 2015-02-05 22:30 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-09-18 12:45 - 2015-08-14 19:41 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
 
==================== Files in the root of some directories =======
 
2015-08-04 14:36 - 2015-08-04 14:36 - 0000268 ___RH () C:\Users\laptop\AppData\Roaming\Printers
2015-08-04 14:37 - 2015-08-04 14:37 - 0000268 ___RH () C:\Users\laptop\AppData\Roaming\PrintingModule
2015-08-04 14:36 - 2015-08-04 14:36 - 0000268 ___RH () C:\Users\laptop\AppData\Roaming\PrintsService
2015-08-04 15:16 - 2015-08-04 15:16 - 0000268 ___RH () C:\Users\laptop\AppData\Roaming\User Pictures
2015-08-04 15:16 - 2015-08-04 15:16 - 0000268 ___RH () C:\Users\laptop\AppData\Roaming\Utilities
2015-08-04 15:12 - 2016-10-11 10:47 - 0000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2015-08-04 15:16 - 2015-08-04 15:16 - 0000020 ____H () C:\ProgramData\PKP_DLck.DAT
2015-08-04 14:37 - 2015-08-04 14:37 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2015-08-04 14:36 - 2015-08-04 14:50 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-08-04 14:36 - 2015-08-04 14:36 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2015-08-04 14:36 - 2015-08-04 14:36 - 0000268 ___RH () C:\ProgramData\Project Templates
2015-08-04 14:37 - 2015-08-04 14:37 - 0000268 ___RH () C:\ProgramData\Quartz Composer
2015-08-04 14:36 - 2015-08-04 14:36 - 0000268 ___RH () C:\ProgramData\Radio Sounds
2015-08-04 14:36 - 2015-08-04 14:36 - 0000012 ___RH () C:\ProgramData\Sampler Files
2015-08-04 14:37 - 2015-08-04 14:37 - 0000012 ___RH () C:\ProgramData\Sci-Fi
2015-08-04 14:36 - 2015-08-04 14:36 - 0000012 ___RH () C:\ProgramData\Screen Savers
2015-08-04 15:16 - 2015-08-04 15:16 - 0000268 ___RH () C:\ProgramData\WebServer
2015-08-04 15:16 - 2015-08-04 15:16 - 0000268 ___RH () C:\ProgramData\Widgets
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-10-12 15:50
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2016
Ran by laptop (16-10-2016 11:55:01)
Running from C:\Users\laptop\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-02-01 14:56:19)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1284569799-4081718299-317326855-500 - Administrator - Disabled)
Guest (S-1-5-21-1284569799-4081718299-317326855-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1284569799-4081718299-317326855-1002 - Limited - Enabled)
laptop (S-1-5-21-1284569799-4081718299-317326855-1000 - Administrator - Enabled) => C:\Users\laptop
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
AVG (Version: 16.111.7797 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4664 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.111.7797 - AVG Technologies)
Capture NX 2 (HKLM\...\Capture NX 2) (Version: 2.4.7 - NIKON CORPORATION)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
FMW 1 (Version: 1.132.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoToMeeting 7.24.0.5636 (HKU\S-1-5-21-1284569799-4081718299-317326855-1000\...\GoToMeeting) (Version: 7.24.0.5636 - CitrixOnline)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.09.03 - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4859.1002 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1284569799-4081718299-317326855-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.3.0 - Nikon)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.1 - Nikon)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0010 - Realtek)
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.3.0 - Nikon)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1284569799-4081718299-317326855-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\laptop\AppData\Local\Citrix\GoToMeeting\2759\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1CEAA767-0860-4B11-AB40-2BDB768549F1} - System32\Tasks\G2MUploadTask-S-1-5-21-1284569799-4081718299-317326855-1000 => C:\Users\laptop\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe [2016-10-04] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {27D86FB3-A5EF-47AC-9B60-BA7FB4E33145} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
Task: {3A9B0B1E-32BE-43D9-BCD2-83C7FCE29CC6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
Task: {3DB11AE0-FF5E-4E4C-A91A-F5FB87C74E7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-27] (Google Inc.)
Task: {7FBEB1D4-ED25-482C-A55A-7C62C60499EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-27] (Google Inc.)
Task: {D9F1502C-4C8E-45A3-A4D7-F993EFCA13A4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks [Argument = /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig"]
Task: {E1517C6E-522F-4529-9789-CB486C691C5A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {E96F519A-7513-4BDD-8C0A-0765D237525D} - System32\Tasks\G2MUpdateTask-S-1-5-21-1284569799-4081718299-317326855-1000 => C:\Users\laptop\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe [2016-10-04] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EB648662-DD3F-431A-8079-CAFD0941052C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {F9FC121A-DE00-4EE6-B0FE-1007AC841516} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {FC57ABAF-DD8C-4C81-9667-C1CE666B5E5E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-07-26] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1284569799-4081718299-317326855-1000.job => C:\Users\laptop\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1284569799-4081718299-317326855-1000.job => C:\Users\laptop\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-26 18:26 - 2016-05-24 17:43 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-02-05 22:30 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-01-10 22:12 - 2012-01-10 22:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-10-03 22:20 - 2016-09-25 07:02 - 02279528 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-03 22:20 - 2016-09-25 07:02 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll
2016-07-26 18:17 - 2016-07-26 18:17 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2015-09-30 23:56 - 00000747 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1284569799-4081718299-317326855-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\laptop\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\startupfolder: C:^Users^laptop^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{577A799E-E93C-473E-A124-228C3A09294A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{A87363D8-B83B-4383-B3EB-3D72F9CFFC97}] => (Allow) C:\Users\laptop\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{806473AF-F799-4DD8-BAC2-0251C610BA09}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FB2CF0DF-3DFD-471D-94AA-F0E1A19D1C7F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{ED91A7D2-2A9A-487A-8ED2-6A1808B64CB0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{34BE60E1-3C59-4C86-9713-49472C5DD664}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{A6EBC1A8-757E-45EE-AC9F-C97292E78674}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
13-09-2016 08:01:38 Scheduled Checkpoint
17-09-2016 15:21:10 JRT Pre-Junkware Removal
22-09-2016 21:36:51 JRT Pre-Junkware Removal
12-10-2016 15:56:37 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/16/2016 11:46:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (10/15/2016 11:53:53 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (10/15/2016 11:44:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (10/14/2016 04:45:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (10/14/2016 01:43:14 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (10/14/2016 01:34:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (10/14/2016 10:10:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (10/13/2016 10:59:50 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (10/13/2016 10:51:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (10/12/2016 11:47:10 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
 
System errors:
=============
Error: (10/16/2016 11:46:24 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.
 
Error: (10/15/2016 04:34:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
 
Error: (10/14/2016 04:48:23 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
 
Error: (10/14/2016 04:47:44 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
 
Error: (10/13/2016 01:09:11 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
 
Error: (10/12/2016 12:37:36 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (10/12/2016 12:37:36 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (10/12/2016 12:37:35 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (10/12/2016 12:37:35 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (10/12/2016 12:37:34 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5 CPU M 480 @ 2.67GHz
Percentage of memory in use: 63%
Total physical RAM: 3892.55 MB
Available physical RAM: 1407.3 MB
Total Virtual: 7783.29 MB
Available Virtual: 5372.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.75 GB) (Free:389.07 GB) NTFS ==>[drive with boot components (obtained from BCD)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FB508AE8)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

Read other answers
RELEVANCY SCORE 200
Preferred Solution: JRT Scan Keeps Finding The Following Files

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

RELEVANCY SCORE 65.6

Hi,
My laptop has been acting very odd lately: slow, always full of viruses. This morning I ran adaware and stopped it when it started scanning the 300,000th file -- usually it stops around 100,000. I disconnected it from the internet and am in the process of running microsoft antispyware. Last time I ran spysweeper, it usually takes 7-10 minutes, it went 79 minutes. Anyone have any ideas?
Thanks a ton,
Sandy
 

A:Adaware finding 300,000 files to scan

Read other 16 answers
RELEVANCY SCORE 65.2

Ok.
 
I have two files Avast can not scan. 
 
C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\servicing\Sessions\11312_596062500.back.xml
 
error: the file cannot be accessed by the system (1920)
 
C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\servicing\Sessions\11252_596032657.back.xml
 
error: the file cannot be accessed by the system (1920)
 
They look like they might be something to do with Windows 10?
 
I might have  typo in the warnings - i had to type these in as i cant see how you grab a report from avast.
 
Any ideas?

A:Avast on Win 7 finding two files it can not scan. Win 10 files?

Correct windows 10 is downloading in the background and there are two folders BT and WS they are, I believe, password prot4ected files until they are installed

Read other 1 answers
RELEVANCY SCORE 54

Hello
 
This is an old Vista Home Premium (service pack 2) laptop that I have and want running smooth again. The files JRT finds are always:
 
 
C:\Users\utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1A0ASBV8
&
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1A0ASBV8
 
 
There's always 5 of each, and the bold text changes everytime.
 
 
Issues I'm experiencing and for which I found no solution:
 
-svchost.exe permanently taking 50% CPU
-windows uptade unresponsive (searches forever)
-failed security update KB3073921 (error code 80242016)
-unable to use the "turn windows features off" option (prog bar never advances, CPU @ 100%)
 
What I've done:
 
-verify which svchost.exe takes that much CPU; likely not a virus (all services under the host are legitimate windows/system32)
-try run windows update in safemode + network (cannot load it, wont open)
-chkdsk /f /r (not sure how to interpret the results; i have the log)
-sfc /scannow (no violation found)
-try download and install failed update from windows (same result, msu file opens but loads/searches forever)
-run scans with: Panda Global 2016, MB Antimalware, ESET, AdwCleaner, MB Antirootkit & JRT (1 before and 1 after using rKill)
 
Panda, Antimalware, Adwrcleaner & Antirootkit found nothing. Eset found 6 things which I removed and didnt came back. JRT is the issue.... Read more

Read other answers
RELEVANCY SCORE 49.2

I have scanned this machine with Avast, Spybot, VunduFix, VirtumundoBegone,...Doesn't seem to help. Can you offer me more guidance? Your assistance is appreciated.My HJT log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:42:36 PM, on 1/10/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16574)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeC:\Program Files\Dell\NICCONFIG... Read more

A:Avast Scan Keeps Finding Win32:tratbho

Please don't respond yet. Ran another Spybot scan and got a completely different result. Cleaning those items and testing.

Read other 3 answers
RELEVANCY SCORE 49.2

does norton/symantec offer a free, on-demand av scan, or do you have to purchase something from them? i can't seem to find it. thanks, Ed James

A:Finding Norton/symantec Free Av Scan

Symantec Security CheckYou can also find other online scans listed here:Freeware Replacements For Common Commercial Apps

Read other 9 answers
RELEVANCY SCORE 49.2

A couple of days ago, I got a pop up from my Norton Anti virus telling me that my computer was infected by a trojan called zhopaizdupla.exe. After scanning with Norton and then Spysweeper I found nothing. Then I downloaded another spyware remover called Prevx1, and it found nothing. How do I get rid of this? I have included a copy of my HJT scan, and I would like to also learn how to interpret the results fo future de-bugging.

Logfile of HijackThis v1.99.1
Scan saved at 1:00:56 PM, on 22/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Prevx1\PXConsole.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Prevx1\PXAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Prog... Read more

A:Need help finding and getting rid of zhopaizdupla.exe trojan; HJT scan included.

Hi and welcome to TSG,
Download the trial version of Ewido Anti-Malware here.
Install ewido.
During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
Launch ewido
It will prompt you to update click the OK button and it will go to the main screen
On the left side of the main screen click update
Click on Start and let it update.
DO NOT run a scan yet. You will do that later in safe mode.
Click here for info on how to boot to safe mode.
Restart your computer into safe mode now. Perform the following steps in safe mode:
Run Ewido:
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your desktop

Restart back into Windows normally now.
Run ActiveScan online virus scan here

When the scan is finished, save the results from the scan!
Come back here and post a new HijackThis log, as well as the logs from the Ewido and Panda scans.
 

Read other 2 answers
RELEVANCY SCORE 48.8

HiI've recently had a problem with Avast - a popup keeps coming up telling me that a threat has been blocked, usually two in quick succession, even when I'm not browsing the internet. This happened immediately after I tried to open a torrent-downloaded avi file that my computer later identified as containing a virus. My computer is also sluggish and slow. However, avast cannot find any malware and neither can other cleaning programs I've tried. Can you help?CheersDom(I've included a screenshot so you can see the popup details - bottom left hand of the screen)

Read other answers
RELEVANCY SCORE 48.8

OK I've tried to find a link to solve this problem but I've had no luck. I'm having a problem with IE pop ups. Continuous and varying popups continue appearing whenever I am connected to a network no matter if I'm using IE or not. I also noticed that the popups kind of relate to the recent browsing I've done. I don't know if that's just my imagination. I use Mozzilla and it has no such problem, but IE popups still come. I run Spybot S&D regularly as Well as McAfee and they both continue to find adware and trojans. I suspect that I have an inbeded virus or a root kit but I don't know how to fix it. Please include ways to get around the annoying vista preventive measures because I haven't figured out all of those tricks either (i.e. not being able to delete certain files, required permissions exceptions, ect.). Here is the HJT log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:04:24 PM, on 6/30/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\ico.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozi... Read more

A:Internet EXP popups. Virus scan keeps finding stuff.

I don't mean to be impatient, but is it normal to wait more than a week for a reply? Also more updates on the problem some of the things that keep reappearing SmitFraud adware, Ego TV popups, get rich quick with Google adds popups. I'll keep updating as I remember the popups and things. I tend not to pay attention to them anymore besidestaking the time to close the windows.
 

Read other 1 answers
RELEVANCY SCORE 48

Following a visit to a site upon which a 'gif' file dodged my popup blocker I decided to do some scans. I did a Kaspersky scan and it found nothing, my sister nagged me into doing a panda online scan...the scan is ongoing and has so far found two suspicious files and three infected, it's under thirty per cent done. When the panda scan is done I'll post more about it.I'm running an A squared scan now also and another Kaspersky scan. When the A squared scan is done, I'll post again about its findings. Kaspersky found nothing on the second scan. A squared found a high risk virus called Virus.Win32.Virut!IK, I have quarantined it but not deleted. I'm now including the A squared report in the attachments.There is no unusual internet activity, the only thing that worried me a bit was that my laptop started up slowly...but it's been doing that for a while.Don't hesitate to tell me if I've done anything wrong or need to do/can do more....just posting this has made me feel better DDS log:DDS (Ver_09-12-01.01) - NTFSx86 Run by Sarah at 16:57:54.33 on 29/01/2010Internet Explorer: 8.0.6001.18882Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.44.1033.18.3034.881 [GMT 0:00]AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E4... Read more

A:Visited unsafe site, panda scan is finding infection

Sorry to be posting again on my topic, I have important information to add and can't find the 'edit' button I acted on some advice I was given to get rid of the virus that a Squared found and reformatted my hard drive (my brother did this for me....restore factory image is what exactly).I did another A squared scan and have found nothing...however, Kaspersky found this as a threat:04/02/2010 17:17:35 Detected: http://www.viruslist.com/en/advisories/28506 c:\program files\microsoft office\office12\excel.exe I'm posting new DDS and rootrepeal information now to make sure I'm clean.DDS (Ver_09-12-01.01) - NTFSx86 Run by Mister Awesome at 18:51:58.13 on 04/02/2010Internet Explorer: 7.0.6001.18000Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.44.1033.18.3034.1885 [GMT 0:00]AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: Kaspersky Internet Security *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k se... Read more

Read other 12 answers
RELEVANCY SCORE 48

I have been having an issue with Symantec Leaving my logs full with scan Omissions 99% of which are compressed. After doing considerable research I find symantec gives a nice list of possabilities and things to look into. Personally none of these fixed my issue, but it may yours. If Anyone has any Ideas to add to Symantec's offical list of reasons for scan omissions please do.---------------------------------------------The following is From Symantec @ http://service1.symantec.com/SUPPORT/ent-s...002073015235648Event ID 6Solution:This event is typically encountered when any of the following occurs: You scan a compressed file that contains a password-protected file. The decomposer engine cannot provide the password required to gain access to the file, so it will be omitted during a scan. You scan files that have been locked for access by the operating system and access cannot be released to the scanner because the file is in use. You scan files that are recursively compressed to a depth that is more than the scan engine is set to scan. By default, the scan engine is set to scan a maximum depth of three levels (for example, a zip file contained within a zip file contained within another zip file). You scan files with LH7 compression, which is not a supported format. These compressed files commonly have an .lzh extension, and they are omitted by the scan. You scan files that are in use by another user. This is most commonly seen when you scan user directories and shared folders... Read more

Read other answers
RELEVANCY SCORE 47.6

Ok after I scanned with super antispy software and removed everything, I started getting bad image file errors with .dlls popping on anything opened and on startup. I cant get DDS to run it just pops up a command prompt and never does anything. So I will attach the gmer txt and post my HJT log here.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 951 PM, on 12/3/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELServic... Read more

A:bad image files after scan with a super anti scan

bump please.

Read other 4 answers
RELEVANCY SCORE 45.6

I have windows vista and I need help finding FLV files and flash files on the computer .

Yes I checked C:\Users\mike\AppData\Local\Microsoft\Windows\Temporary Internet Files
I cannot fined any FLV files and flash files .Where else can I look for it ? Any where it saves it in temep folder ? Now I'm trying play it with out a bandwith overload but cannot find the FLV files and flash files .
I'm over the the bandwith .
 

A:Need help finding FLV files and flash files on the computer

Read other 6 answers
RELEVANCY SCORE 45.2

Good afternoon,

I have been experencing really low internet speeds on my computer. I have ran many tools such as HiJack this, ComboFix, AVG (Including rootkit) and Malwarebytes. Several of these tools found things here and there which seemed to have been removed.

I have set my computer up to dual boot WIN XP/WIN 7. I only experience the low speeds while using Win 7 which seems to make me thing that something is taking the majority of my bandwidth usage.

Could any take a look at my logs and see if there is anything going on before I decide to reinstall the os.

P.S I have also included my HijackThis log file.

Thanks in advance!

A:DDS scan and GMER scan log files.

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===This process looks suspicious.C:\Users\James\Desktop\Security Tools\mb9soxkz.exeDo you know what it is?Did you installed this driver or do you know which application needs it.R1 enport;enport;c:\windows\system32\drivers\enport.sysIt may be valid but I cannot find sufficient information on it.===Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofixLink 1Link 2* IMPORTANT !!! Save ComboFix.exe to your DesktopIMPORTANT....1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Do not install any other programs until this if fixed.How to : Disable Anti-virus and Firewall...http://www.bleepingcomputer.com/forums/topic114351.htmlDouble click on ComboFix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt Note:Do not mouse click ComboFix's window while it's running. That may cause it to stallNote: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleeping... Read more

Read other 2 answers
RELEVANCY SCORE 44

I'm seeing the same four files repeat in the Temp Files / Shortcuts section of a Registry Mechanic scan.

\C:\ProgramData\McAfee\VirusScan\Data\TFRBBC1.tmp
\C:\ProgramData\Microsoft\Search\Data\Application\Windows\MCC.chk
\C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv01.tmp
\C:\Users\Kevin\AppData\Local\Microsoft\Windows Mail\edb.chk

I'm also seeing the following two files in the Deep Scan section.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache\7971f918-a847-4430-9279-4a52d1efe18d
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache\9482fb4-e343-43b6-b170-9a65bc822c77

Recent history: Less than a week ago, during a routine McAfee antivirus scan I discovered a half dozen files associated with the Artemis trojan. Several months earlier I found and debugged (also with McAfee) a different trojan. And the laptop has been slow for several weeks/months.

In anticipation of getting help here I tried running RootRepeal. That ran for more than 24 hours. So I stopped it. Then I tried running SysProt AntiRootkit. But McAfee wouldn't accept it and returned the following message.

McAfee has automatically blocked and removed a Trojan.
About this... Read more

A:Registry Mechanic repeat Temp Files / Shortcuts and Deep Scan files

Anybody have time to help with this one?

Read other 4 answers
RELEVANCY SCORE 43.6

I have copied files from an infected computer to...
- a flash drive and a
- portable hard drive that plugs into a usb port

- the files I want to copy are both data files and application files...
- Data files include: text files, ms office documents, image files, videos, etc
- Application files include: MS Access mdb (data base) files which may include visual basic for applications code
- Ditto for Excel files
- Some application development stuff like MS Visual Studio Projects

How can I safely scan these files before putting them on a clean computer?

Thanks for any help.

PS

I think I have 'Autorun' turned off on the clean computer via using RegEdit to go to...
HKEY_CURRENT_USER > Software > Microsoft > Windows > CurrentVersion > Policies > Explorer > "NoDriveTypeAutoRun"

... and verifying that the hex value of the first byte is 95
... which as I understand it 'exclueds' unknown, removable, and remote drives from 'autorun'
... via instructions here... http://autorun.moonvalley.com/enable.htm

A:How to safely scan data files (or other files) on external drive?

Install Panda USB Vaccine, or BitDefender?s USB Immunizer on your computer to protect it from any infected USB device.Then you're safe to connect any external device and scan it with your AV program.

Read other 5 answers
RELEVANCY SCORE 43.6

Is there any reason when I do a search for files on my PC, as in START/FIND/FILES or FOLDERS that it doesn't find the files that I have saved within Outlook Express?

For instance, I know SOMEWHERE in my OE I have an email with an attached jpg. in it named PhillyJimmy in it.... but when I do a search of my hard drive (C) it will not find the file. Shouldn't find files or folders find that file name if it's exact?

Thanks

DAVID

DELL PIII 450MHz
Win98se
 

A:Finding files within OE...???

Hey BigDave

Yes, there is. OE is a database program - your emails are not files, they are information stored within the index files (.DBX). The only way to use search to find something there is to specify what text you are looking for in search. And for files, you would enter *.dbx.

However, if you know it is in a folder in OE, you can use the "search" included in OE.
Click Edit->Find Message In This Folder. If it stops at a possible email and it is not the one, pressing F3 will make it continue the search until it has gone through a folder.
 

Read other 1 answers
RELEVANCY SCORE 43.6

Can someone please tell me if a history and temp internet file exist in win2k and if so where can they be found???? Thanks.

Ryan
 

A:help finding files

to find the temp internet file location go to tools menu, internet options. middle section titled temp internet files, select the settings button, it will display the location of the storage location
That is also where the cookies are stored I beleive
 

Read other 1 answers
RELEVANCY SCORE 43.6

this is a bit of an embarrassing question but please bear in mind that I am a novice at this. I understand about FTP but how do you actually find FTP files in the first place? Is there a search engine in the same way as for normal website pages? Or do you just look for the FTP option when you are downloading files?

Thanks for your help.

Jamie

A:finding FTP files

FTP is File Transfer Protocol. As such, it is a definition for a mechanism to transfer files over a network.

So, there aren't any "FTP Files" since you could theoretically FTP any file.

I believe you're referring to "FTP Sites". Usually, FTP sites are maintained by businesses or individuals who would like to allow people to transfer files to or from them quickly - using FTP. Usually these sites are technical or scholarly in nature - like a computer company having update files on it's FTP site. There will usually be a link on a companies home page. Or a user might have an FTP server with MPEG or MP3 files on it available for download.

As stated, you usually have to be told of the existence of an FTP site or server. You could just "gues" however, this is the hard way.

FTP is "quicker" than using HTTP although file transfer is possible with both.

Modern browsers are capable of changing from HTTP to FTP pretty seamlessly to the user.

Older users (like me ;) or "power users") sometimes prefer the command line FTP which can give a little more control over the intracacies of the protocol. Some programmers have built this into GUI FTP programs such as WS-FTP.

Hope this helps.

Read other 3 answers
RELEVANCY SCORE 43.6

Hi

I keep a couple of .txt files on my desktop, so I can easily refer to them.

Today I lost them. They are not in the recycle bin though, it has not been emptied since July, so, where can these files be please?

I have done a search for them, and they just seemed to have vanished without trace.

Please could someone help me locate them?

Thanks
 

A:Help pls, in finding some .txt files.

Read other 6 answers
RELEVANCY SCORE 43.6

I'd appreciate a little help with a problem I'm having in finding files. I suspect it might have to do with Libraries which I don't fully understand.

If I go to C:\music I can see any number of music files located there. But when using another program and their option to "browse", when I go to the same folder I see none of the music files. Kinda like a magic act!

Could anyone point me in the right directions?

Thanks. Jim

A:Finding files

  
Quote: Originally Posted by Lykele


I'd appreciate a little help with a problem I'm having in finding files. I suspect it might have to do with Libraries which I don't fully understand.

If I go to C:\music I can see any number of music files located there. But when using another program and their option to "browse", when I go to the same folder I see none of the music files. Kinda like a magic act!

Could anyone point me in the right directions?

Thanks. Jim


If you click "Start", "Computer", there is a "Search" window in the right corner. You can put the file name (Blue.mp3) or if you don't know the file name, put *.mp3

It will bring them up.

Read other 4 answers
RELEVANCY SCORE 43.6

hi can anyone help please i had to reformat my pc as it crash while doin a system recovery. ive lost all my mp3s data files. pictures how can i find them all again there in a differnt partition

thanks dave
 

A:help finding files please

Did you do a Full install?
When you say on a different partition was it still on the same Hard drive?
 

Read other 3 answers
RELEVANCY SCORE 43.6

I posted about missing files after malware cleanup seperately because i don't want to combine the two. I have a question about how to get rid of files i see in my Secunia psi program but never see them listed in windows uninstaller, Revo uninstaller or even Iobit uninstaller .

Thank you very much, the help is truly appreciated.

A:finding files

Hello -Since you have no record of Malware Cleanup at this forum, could you please tell or link us to that particular item -I think that one minor problem may be related to the IObit programs installed on your system.It is unfortunate that this program / company has a habit of confusing some of your files, and makes them hard to find.The first / best option is to remove IObit from your computer. Next uninstall Secunia PSI Version 3 if that is what you use.Then you can install Secunia PSI Version 2, and not use the latest Version 3, that is a bit more complicated.You may find the earlier version of Secunia is much easier to manage, and easier to handle for many people (me included).Thank You - EDITED to add Secunia 2 Link -

Read other 5 answers
RELEVANCY SCORE 43.2

Not familiar with W2000PRO.

Checked out Disk Cleanup, and it displays 14,581KB of Compressed Files.

Q#1. How/where can these files be found?

Q#2. Is it safe to just delete the Compressed files with Disk Cleanup?

Thanks for the help.
 

A:Finding Compressed Files

I don't have 2k but I would think if you do a full drive Search for either *.zip or *.cab it might turn up something in the way of compressed files.

I certainly wouldn't recommend deleting them until you know more about them unless they happen to be in one of the Temp folders. Even then it's good policy to send them to the Recycle in for a reasonable period before dumping them.

For a comparison, I'm running XO Home and I currently have 185 .zip files and 85 .cab files. Given that yours are only 14 Megs, I would just leave them alone if I were you.

My 2
 

Read other 3 answers
RELEVANCY SCORE 43.2

I recently got an SSD and followed this guide to set it up properly
How to: Setup SSD boot drive with secondary Hard disc optimization

My problem is that once I finished it and everything was quick, I was too stupid to not back up at all and I cut/paste the contents of the user folder's video, music and pictures into the windows libraries. Now I cannot log back into the account, and with my other accounts, I cannot find any of the files. Any one knows where they went or if they still exist?

A:Need help finding location of files

You cannot move anything into libraries - only into folders. Libraries are only an index of folders. But if you move something to a library, it ends up in the default folder of that library. Look into the libraries Properties and see what the default folders are.

Read other 5 answers
RELEVANCY SCORE 43.2

Everytime I start my computer I get a window in the bottom left corner that says these files cannot be found and windows searches for them.

I just keep clicking Cancel then I get some other error message so I close that then I get an illegal operation right away. Grrrrrrrrrrrrrrr

So anyone know what these files are for or if I can safely delete them from the computer? All files are in the C:\WINDOWS\All Users\Start Menu\Programs\StartUp folder.

All files end in the .exe extension too.

2ljdb6e
44ocf0mt
1frix0xy
pv0nevec
qrzx3vjn
j0o4bg1l
z19lxpl7
qckq9tie
z19lxpl7
morze1 and morze5
fen5lzwa
v53m134q
bz4fg5pr
w906jhko
xape0wiv
pf44j8ho
1k7defwf
fqtyb8ed
j60vjz1
j403odmd
1t7nrir

I did do a scan with search and destroy but I don't think It cleaned any spywear out or off of my computer. It did however find 201 infected files!

Computer runs slower then usual. Can I go in and search for these files and delete them safely?
 

A:Problems finding some files...

Read other 16 answers
RELEVANCY SCORE 43.2

I am getting assistance from Malwarebytes helpdesk for an apparent hijacking trojan that I have. I installed ComboFix aper the techs instructions. He has now asked me to look for a combofix text file at c:\combofix.txt. I probably could find it when I was using Windows XP, but for the life of me I can't find it using the Vista operating system. Where do I look? I need a tutorial on finding all my C:\ files. This should be easy but Vista seems to be hiding them on me.HELP!

A:Tutorial Finding My Files

hi,,, click on vista start menu orb>click computer>click on C: drive>click on program files>click on combo fix program file and look for the file they said,,,,,
also with vista if you index the C: drive then just type "combofix.txt" into the search box in start menu and it will come up instantly
good luck.

Read other 1 answers
RELEVANCY SCORE 43.2

Guys,
I am running XP pro SP3, 3.2GB pentium dual core, 4096 Ballistic ram.

over the last few days I have been having issues.. when I open my computer I get the looking for files torch for maybe 15/20 minutes before my drives appear? It is now getting worse... I went to do a reg clean and clicked on backup first and I always save files to same directory, I clicked on the browse button and it has now been stuck for 25 minutes.

I have tried to start bitdefender scan but it wont start, last scan was early hours of this morning and no issues were found.

Any ideas

Glas

A:Really slow in finding files

Hello & welcome to TSF

follow this link

http://www.techsupportforum.com/f174...ow-247567.html

you also may have to do this

what you need to do is follow this link

http://www.techsupportforum.com/secu...oval-help.html

for this to work properly you must follow all instructions

if you can not compleat a step make a note and then move to the next step

save all logs to the desktop for ease of reposting

when you have compleated the steps do not post back here you must start a ne post in the (Highjackthis Forum log help forum) of this site

stand strong for the techs there are busy

Read other 9 answers
RELEVANCY SCORE 43.2

I hope this is the right place for this post!
I am running Vista Home Premium 32 bit. I started having some issues that I couldn't find solutions for, so I decide to do a complete system reset. I used Windows Easy Transfer to save user account files to a CD. Reset the system, loaded the backup CD and ran WET. I followed the directions and was told that the transfer was complete. However, I can't find the files! The only personal data info on the system is the stuff added since the reset.
Any ideas about how to resolve this?

Thanks

A:Problem finding WET files

Originally Posted by cruzsgal


I hope this is the right place for this post!
I am running Vista Home Premium 32 bit. I started having some issues that I couldn't find solutions for, so I decide to do a complete system reset. I used Windows Easy Transfer to save user account files to a CD. Reset the system, loaded the backup CD and ran WET. I followed the directions and was told that the transfer was complete. However, I can't find the files! The only personal data info on the system is the stuff added since the reset.
Any ideas about how to resolve this?

Thanks



Can anyone help me?

Read other 4 answers
RELEVANCY SCORE 43.2

I have found that my computer has really slowed down when starting up and for a little while after that. I was talking to someone about it and they suggested to find the full startup list and delete the unneeded thing but he forgot how to get to it. Would u have any ideas how to find it.

Cheers
 

A:Finding StartUp Files

Hi,

You need Startuplist here :

http://www.lurkhere.com/~nicefiles/

But see also here :

http://www.pacs-portal.co.uk/startup_content.htm

For info on what items are needed in your startup.
 

Read other 2 answers
RELEVANCY SCORE 43.2

I recently needed to find some files (MS Word which contained a specific word). From Windows Explorer, I selected the root of the directory in which I thought the files resided, entered the word I wanted to find in the Search box, and 16 files were found.

I then repeated the search using a stand-alone search tool and it found several hundred files.

I looked at the search options and they ARE configured to search the directory in question and MS Word documents. (Since some files were found, it seems reasonable to assume that the search options are configured properly.) It also reported that my system was fully indexed.

Why does Windows Search fail to find files being sought?

A:Search not finding files

Did you select both .doc and .docx files in your search?

Read other 5 answers
RELEVANCY SCORE 43.2

I restored my laptop recently but before I restored it I had my old backup of my iPhone data on iTunes, but after restoring my PC, that old backup on iTunes is no longer popping up. So does this back that, that old back up is gone forever? Or is there a way to get it back?

A:Finding Old Files After Restoration

Originally Posted by napy666


I restored my laptop recently but before I restored it I had my old backup of my iPhone data on iTunes, but after restoring my PC, that old backup on iTunes is no longer popping up. So does this back that, that old back up is gone forever? Or is there a way to get it back?



Hey napy!

Did you not copy all the important files from the notebook to a external drive before the restoration of the OS?

If not, the data could be gone. A Restore of the OS usually requires a Format of the drive which will erase All data
on that drive prior to the re-install.

Open Computer and under the C:// drive, look for a folder named "Windows.old".
If your lucky, you should have that folder on the root of the C:// drive with all your
old data.Open it and see if the missing data has been saved. This will be a big folder size. (GBs)
Flashorn.

Read other 6 answers
RELEVANCY SCORE 43.2

Hi... I took a picture of myself to send to my boyfriends email...and didnt want anyone else to see it...so i tried making it have a pw and when i logged on you could STILL click on it and see it...so i right clicked on it and seen ATTRIBUTES: hidden ... and clicked the box.... i cant find the damn picture and i want to deleate it so that It wil not be on my computer anymore....

A:Finding Hidden Files

Hi jessr06

Try going to Start/ControlPanel/FolderOptions/View and changing the button to SHOW Hidden Files and Folders. Just don't forget to change it back when you are finished. Let us know how you go.

Cheers

Read other 2 answers
RELEVANCY SCORE 43.2

I only do what the voices in my head tell me to do....Click to expand...



I feel really stupid asking this out loud...but I have to admit I do not understand this or will not learn, right? Kinda right??

I do not really get the finding file thing. When I go to open a file, and this window comes up and I need to type something in so I can find it, and there is already a location determined, or just there (?)...what the heck do ya do to find what you want to? I am just lost when this comes up and just cancel out of it!! (chicken that I am!).

If anyone can please shed some tech-light on this area of mystery for me...I will try to grasp the concepts and get this down, finally, once and for all. My goal is to not have to cancel out of these searches and know what it is asking me to do to get to where I need to go!

Don't even know if the place is where I should actually be at, like when it comes up with "My Documents" for example. And the bottom item, with the .xxx after it, like xxx.txt, etc...what is that all about?

As you can obviously tell, I am lost but at least I will pull over and finally ask for directions!

Mucha Thanx!
 

A:Finding Files...not any stupid ?'s, right?

Hi parrotplay,
OK I will try and keep this as basic as possible, if you need more info don't hesitate to ask,it's really not that bad

Ok when you first click on the search tab you will have various options, the first 4 are the one's that you will probably need to begin with so here goes.

The first 2 options, Pictures \ music \ video
Documents \ word \ spread sheets

In both these cases once you have decided what you are looking for as in file type, click on the option needed, once you do this you will have more options, click on the advanced tag. You will now have the option to type in all or part of the file name you are looking for, also if you have multiply hard drives you can tick the appropriate drive letter to search ( hope this is ok so far )

The third option All files \ folders

This will take you straight to the advanced stage ( as above ) just do exactly the same as per telling it where to look and file name etc.

The forth option Computers \ people
This option deals with finding other computers on your network ( if you have more than one pc linked together ) or peple in your email address book ( as it says )

The first two options are probably the one's you need the most, experiment with saving a file ( give it a name you will remember ) and then trying to find it using the search.

I hope this was ok, as I said, if you need anything else ask, no problem

Good luck, and sorry for being long winded
 

Read other 2 answers
RELEVANCY SCORE 43.2

I am trying to find my index.dat files but I am having trouble. I am wondering if I can get a step by step list for finding them on windows vista? Also, must I be connected to the internet?
 

A:Help finding index.dat files

Windows Vista has a built in search function that you can use to find files and folders you are looking for.
 

Read other 2 answers
RELEVANCY SCORE 43.2

I purchased a CD with thousands of pictures on it but for some reason I can only see the flash application that shows you the pictures. The program is 3 megs, the total size of the files on the CD that you can see is 3megs. But with hunderds - thousands of pictures on there I know that the disc is full.. I've already tried 'show hidden files'.. I am wondering how the people who burned the CD hid the files and how I can access the pictures...

Thank you in advance,
Ash

PS. The content is NOT COPY WRITTEN - They are pictures of scenes from famous tourist places in Iran. I lost all the pictures I had taken and wanted to post some of these on facebook to show friends where I went. - Just a heads up for anyone who was concerned.

A:Finding hidden files on a CD

I would suggest that you contact the company you purchased the CD from. CDs hold ~ 700 MB; there may be an extraction app needed.

Read other 1 answers
RELEVANCY SCORE 43.2

I have changed OSs. Went from XP to Windows 2000 as is more stable for my press publishing needs. I copied my .pst contact list from msoutlook to a disk with the thought of copying it into msoutlook in wk2000 however I can't find the .pst file to copy it into. Could someone help me? I searched for .pst files but to no avail.
thanks
Keith
 

A:Finding MSoutlook .pst files

Read other 6 answers
RELEVANCY SCORE 43.2

i have ran Malwarebytes' antimalware on my laptop, and it keeps showing the same four files, when i look for them on my computer i cannot find them! says they are trojans...but i cannot find the files infected

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:58:44 PM, on 4/22/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Con... Read more

A:malwarebytes keeps finding same 4 files

might help if i add that i got the malware from anti-spyware 2009, my Malwarebytes scan says i have Trojan.Vundo.H in four files, but i cannot find them...it says to restart to remove them, but they dont go away
 

Read other 1 answers
RELEVANCY SCORE 43.2

Hey all. Just wondering if there was a very easy and simple way to find the number of files and directories that are listed within a hard drive for Windows XP. Thanks in advance for any insight.
 

Read other answers
RELEVANCY SCORE 43.2

I switched form a desktop running windows xp to a laptop with vista. My problem is that I loaned my desktop to a friend and when I got it back all of the files in my documents and my pictures were wiped. Can any of these files be recovered.
 

A:finding lost files

Did you look in the recycle bin?
Do a search for jpg files.
Look in Documents and Settings for your old profile, or any unknown profile.
Get better friends.
 

Read other 2 answers
RELEVANCY SCORE 43.2

Hello everyone,
my computer was attacked by vx2 malware, i tried everything to remove it but nothing worked, i was forced to reboot my computer twice. now i have lost all my work. i was wondering if i could retrive some files from my first installation.

thank you for your help
 

A:need help finding lost files

Did you do a clean install of the os? If so, there MAY be a chance using data recovery software. Some are free and some are not.

If you did not clean install the os, can you see your files / work?

Have you done a search for the files you want?
 

Read other 1 answers
RELEVANCY SCORE 43.2

the other day my dad went threw the computer and deleted a lot of trash but in the process he also deleted some files for some games he has also deleted everything from the recycle bin but how can i get these files back please help

thanks in advance, Nick

A:finding deleted files

I like freeware Restoration (it recovers from emptied recycle bin):

http://www.majorgeeks.com/Restoration_d4474.html

Of course there is better software but you have to spend $ for it.


good luck!

Read other 2 answers
RELEVANCY SCORE 43.2

I use Optima mail, I have down loaded a few things.  The applet does not show or give a location option, doing a search by file name indicates they are located in "files".  I have spent an hour trying to find "files" any help very much appreciated.  I hate 7 and 8 seems even worse!
 
Moderator Edit: Moved from Windows 7 to a more appropriate forum
Roger

A:Finding down loaded files

They may be located at Everdesk's root folder.
 
This is the top level folder in EverDesk. By default it is set to your My Documents folder. You can choose a root folder when starting up EverDesk for the first time, or via this settings menu.

Read other 5 answers
RELEVANCY SCORE 43.2

My file search is not finding files which I know are there, including files that I find and then try a search to see if windows eight can also find them. I have tried all the solutions' offered by googling 'windows 8 not finding file' such as the troubleshooter . One suggestion was to change the location of where to search to 'everywhere' but this option is greyed out.
Any ideas?

A:Search not finding files

Hello Trevor,

You might see if the items in the yellow Tip box at the top of the tutorial below may be able to help with your search results.

Search in Windows 8

Hope this helps,
Shawn

Read other 3 answers
RELEVANCY SCORE 43.2

I just loaded XP on a fresh harddrive. The old hard drive wouldn't boot but was hooked up as drive F as a slave. While trying to move a folder from old drive to new it disappeared. I never got a warning or message asking if I wanted to delete the folder but it's gone. Any way to recover the folder ?

Thanks

Fangers
 

A:Finding lost files

did you check your recycle bin?....or run a search for the folder to see if its hiding somewhere?

if not, then there are utilities out there to recover data but they are somewhat expensive. I would consider it gone.
 

Read other 1 answers
RELEVANCY SCORE 43.2

Not sure if this is the right forum...

I have alot of extraneous files hidden deep inside folder after folder, I want to be able to find all files that are NOT .wav, .mp3, .aif, .aiff, .rx2 and move them into a new seperate folder, leaving only those files type in the folders. Afterwards I would like to delete all empty folders.

Any suggestions?

Read other answers