Over 1 million tech questions and answers.

JRT Scan Keeps Finding The Following Files

Q: JRT Scan Keeps Finding The Following Files

Hi, I wonder if anyone can help with this following log. It turns up intermittently when I scan it with the Junkware Removal Tool.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Professional x64 
Ran by laptop (Administrator) on 22/09/2016 at 21:36:47.79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 10 
 
Successfully deleted: C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7ZWQ6H4J (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CUN1QW0H (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB53EJGC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RCY3X9H6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRBKUU52 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7ZWQ6H4J (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CUN1QW0H (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB53EJGC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RCY3X9H6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRBKUU52 (Temporary Internet Files Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/09/2016 at 21:39:11.37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
FARBAR SCAN....
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2016
Ran by laptop (administrator) on LAPTOP-PC (16-10-2016 11:53:41)
Running from C:\Users\laptop\Downloads
Loaded Profiles: laptop (Available Profiles: laptop)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-09-16] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1284569799-4081718299-317326855-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1284569799-4081718299-317326855-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2C622BB7-9E72-41AE-BB93-F7F7C39EFF4E}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1284569799-4081718299-317326855-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-1284569799-4081718299-317326855-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.co.uk/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-05] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1284569799-4081718299-317326855-1000: @citrixonline.com/appdetectorplugin -> C:\Users\laptop\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-06-29] (Citrix Online)
 
Chrome: 
=======
CHR Profile: C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default [2016-10-16]
CHR Extension: (Google Drive) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-27]
CHR Extension: (YouTube) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-27]
CHR Extension: (Adblock Plus) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-24]
CHR Extension: (Google Docs Offline) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-27]
CHR Extension: (Gmail) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-27]
CHR Extension: (Chrome Media Router) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-21]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3192560 2016-07-26] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-09-18] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-16 11:53 - 2016-10-16 11:53 - 02406912 _____ (Farbar) C:\Users\laptop\Downloads\FRST64.exe
2016-10-16 11:53 - 2016-10-16 11:53 - 00009823 _____ C:\Users\laptop\Downloads\FRST.txt
2016-10-16 11:53 - 2016-10-16 11:53 - 00000000 ____D C:\FRST
2016-10-16 11:52 - 2016-10-16 11:52 - 01756672 _____ (Farbar) C:\Users\laptop\Downloads\FRST.exe
2016-10-11 11:05 - 2016-10-11 11:05 - 03874368 _____ C:\Users\laptop\Desktop\AdwCleaner.exe
2016-10-11 10:39 - 2016-10-11 10:40 - 00000000 ____D C:\Users\laptop\Desktop\Simon New
2016-09-20 20:50 - 2016-10-15 15:24 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-09-18 12:44 - 2016-09-18 12:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-09-18 12:44 - 2016-09-18 12:44 - 00000000 ____D C:\Program Files\RogueKiller
2016-09-17 15:35 - 2016-09-17 15:35 - 00012060 _____ C:\Users\laptop\Downloads\131549.pdf
2016-09-17 15:20 - 2016-09-17 15:20 - 01610560 _____ (Malwarebytes) C:\Users\laptop\Desktop\JRT.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-16 11:48 - 2015-10-30 22:30 - 00000000 ____D C:\ProgramData\MFAData
2016-10-16 11:47 - 2015-06-29 18:55 - 00000664 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1284569799-4081718299-317326855-1000.job
2016-10-16 11:45 - 2016-07-27 12:00 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-16 11:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-16 01:27 - 2015-06-29 18:55 - 00000568 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1284569799-4081718299-317326855-1000.job
2016-10-16 01:18 - 2016-07-27 12:00 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-15 23:53 - 2009-07-14 05:45 - 00022288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-15 23:53 - 2009-07-14 05:45 - 00022288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-15 11:43 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-12 15:29 - 2009-07-14 06:13 - 00781782 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-12 15:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-10-11 22:00 - 2015-02-09 17:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-10-11 11:07 - 2016-08-11 12:19 - 00000000 ____D C:\AdwCleaner
2016-10-11 10:47 - 2015-08-04 15:12 - 00000020 ____H C:\ProgramData\PKP_DLbx.DAT
2016-10-10 01:35 - 2015-08-27 15:41 - 00000000 ____D C:\Users\laptop\AppData\Local\CrashDumps
2016-10-08 23:03 - 2015-12-17 21:06 - 00000000 ____D C:\Users\laptop\AppData\Roaming\Skype
2016-10-04 11:11 - 2015-06-29 18:55 - 00003694 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1284569799-4081718299-317326855-1000
2016-10-04 11:11 - 2015-06-29 18:55 - 00003598 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1284569799-4081718299-317326855-1000
2016-10-03 22:20 - 2016-07-27 12:02 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 22:20 - 2016-07-27 12:02 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-03 17:01 - 2015-12-17 21:05 - 00000000 ____D C:\ProgramData\Skype
2016-09-28 23:28 - 2015-02-10 16:34 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-22 21:39 - 2016-07-27 12:07 - 00002201 _____ C:\Users\laptop\Desktop\JRT.txt
2016-09-21 07:55 - 2015-02-05 22:32 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-21 07:54 - 2015-02-05 22:30 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-09-18 12:45 - 2015-08-14 19:41 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
 
==================== Files in the root of some directories =======
 
2015-08-04 14:36 - 2015-08-04 14:36 - 0000268 ___RH () C:\Users\laptop\AppData\Roaming\Printers
2015-08-04 14:37 - 2015-08-04 14:37 - 0000268 ___RH () C:\Users\laptop\AppData\Roaming\PrintingModule
2015-08-04 14:36 - 2015-08-04 14:36 - 0000268 ___RH () C:\Users\laptop\AppData\Roaming\PrintsService
2015-08-04 15:16 - 2015-08-04 15:16 - 0000268 ___RH () C:\Users\laptop\AppData\Roaming\User Pictures
2015-08-04 15:16 - 2015-08-04 15:16 - 0000268 ___RH () C:\Users\laptop\AppData\Roaming\Utilities
2015-08-04 15:12 - 2016-10-11 10:47 - 0000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2015-08-04 15:16 - 2015-08-04 15:16 - 0000020 ____H () C:\ProgramData\PKP_DLck.DAT
2015-08-04 14:37 - 2015-08-04 14:37 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2015-08-04 14:36 - 2015-08-04 14:50 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-08-04 14:36 - 2015-08-04 14:36 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2015-08-04 14:36 - 2015-08-04 14:36 - 0000268 ___RH () C:\ProgramData\Project Templates
2015-08-04 14:37 - 2015-08-04 14:37 - 0000268 ___RH () C:\ProgramData\Quartz Composer
2015-08-04 14:36 - 2015-08-04 14:36 - 0000268 ___RH () C:\ProgramData\Radio Sounds
2015-08-04 14:36 - 2015-08-04 14:36 - 0000012 ___RH () C:\ProgramData\Sampler Files
2015-08-04 14:37 - 2015-08-04 14:37 - 0000012 ___RH () C:\ProgramData\Sci-Fi
2015-08-04 14:36 - 2015-08-04 14:36 - 0000012 ___RH () C:\ProgramData\Screen Savers
2015-08-04 15:16 - 2015-08-04 15:16 - 0000268 ___RH () C:\ProgramData\WebServer
2015-08-04 15:16 - 2015-08-04 15:16 - 0000268 ___RH () C:\ProgramData\Widgets
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-10-12 15:50
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2016
Ran by laptop (16-10-2016 11:55:01)
Running from C:\Users\laptop\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-02-01 14:56:19)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1284569799-4081718299-317326855-500 - Administrator - Disabled)
Guest (S-1-5-21-1284569799-4081718299-317326855-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1284569799-4081718299-317326855-1002 - Limited - Enabled)
laptop (S-1-5-21-1284569799-4081718299-317326855-1000 - Administrator - Enabled) => C:\Users\laptop
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
AVG (Version: 16.111.7797 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4664 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.111.7797 - AVG Technologies)
Capture NX 2 (HKLM\...\Capture NX 2) (Version: 2.4.7 - NIKON CORPORATION)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
FMW 1 (Version: 1.132.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoToMeeting 7.24.0.5636 (HKU\S-1-5-21-1284569799-4081718299-317326855-1000\...\GoToMeeting) (Version: 7.24.0.5636 - CitrixOnline)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.09.03 - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4859.1002 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1284569799-4081718299-317326855-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.3.0 - Nikon)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.1 - Nikon)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0010 - Realtek)
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.3.0 - Nikon)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1284569799-4081718299-317326855-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\laptop\AppData\Local\Citrix\GoToMeeting\2759\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1CEAA767-0860-4B11-AB40-2BDB768549F1} - System32\Tasks\G2MUploadTask-S-1-5-21-1284569799-4081718299-317326855-1000 => C:\Users\laptop\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe [2016-10-04] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {27D86FB3-A5EF-47AC-9B60-BA7FB4E33145} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
Task: {3A9B0B1E-32BE-43D9-BCD2-83C7FCE29CC6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
Task: {3DB11AE0-FF5E-4E4C-A91A-F5FB87C74E7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-27] (Google Inc.)
Task: {7FBEB1D4-ED25-482C-A55A-7C62C60499EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-27] (Google Inc.)
Task: {D9F1502C-4C8E-45A3-A4D7-F993EFCA13A4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks [Argument = /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig"]
Task: {E1517C6E-522F-4529-9789-CB486C691C5A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {E96F519A-7513-4BDD-8C0A-0765D237525D} - System32\Tasks\G2MUpdateTask-S-1-5-21-1284569799-4081718299-317326855-1000 => C:\Users\laptop\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe [2016-10-04] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EB648662-DD3F-431A-8079-CAFD0941052C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {F9FC121A-DE00-4EE6-B0FE-1007AC841516} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {FC57ABAF-DD8C-4C81-9667-C1CE666B5E5E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-07-26] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1284569799-4081718299-317326855-1000.job => C:\Users\laptop\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1284569799-4081718299-317326855-1000.job => C:\Users\laptop\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-26 18:26 - 2016-05-24 17:43 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-02-05 22:30 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-01-10 22:12 - 2012-01-10 22:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-10-03 22:20 - 2016-09-25 07:02 - 02279528 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-03 22:20 - 2016-09-25 07:02 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll
2016-07-26 18:17 - 2016-07-26 18:17 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2015-09-30 23:56 - 00000747 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1284569799-4081718299-317326855-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\laptop\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\startupfolder: C:^Users^laptop^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{577A799E-E93C-473E-A124-228C3A09294A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{A87363D8-B83B-4383-B3EB-3D72F9CFFC97}] => (Allow) C:\Users\laptop\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{806473AF-F799-4DD8-BAC2-0251C610BA09}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FB2CF0DF-3DFD-471D-94AA-F0E1A19D1C7F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{ED91A7D2-2A9A-487A-8ED2-6A1808B64CB0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{34BE60E1-3C59-4C86-9713-49472C5DD664}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{A6EBC1A8-757E-45EE-AC9F-C97292E78674}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
13-09-2016 08:01:38 Scheduled Checkpoint
17-09-2016 15:21:10 JRT Pre-Junkware Removal
22-09-2016 21:36:51 JRT Pre-Junkware Removal
12-10-2016 15:56:37 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/16/2016 11:46:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (10/15/2016 11:53:53 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (10/15/2016 11:44:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (10/14/2016 04:45:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (10/14/2016 01:43:14 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (10/14/2016 01:34:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (10/14/2016 10:10:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (10/13/2016 10:59:50 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (10/13/2016 10:51:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (10/12/2016 11:47:10 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
 
System errors:
=============
Error: (10/16/2016 11:46:24 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.
 
Error: (10/15/2016 04:34:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
 
Error: (10/14/2016 04:48:23 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
 
Error: (10/14/2016 04:47:44 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
 
Error: (10/13/2016 01:09:11 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
 
Error: (10/12/2016 12:37:36 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (10/12/2016 12:37:36 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (10/12/2016 12:37:35 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (10/12/2016 12:37:35 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
Error: (10/12/2016 12:37:34 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5 CPU M 480 @ 2.67GHz
Percentage of memory in use: 63%
Total physical RAM: 3892.55 MB
Available physical RAM: 1407.3 MB
Total Virtual: 7783.29 MB
Available Virtual: 5372.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.75 GB) (Free:389.07 GB) NTFS ==>[drive with boot components (obtained from BCD)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FB508AE8)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

Read other answers
RELEVANCY SCORE 200
Preferred Solution: JRT Scan Keeps Finding The Following Files

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

RELEVANCY SCORE 65.6

Hi,
My laptop has been acting very odd lately: slow, always full of viruses. This morning I ran adaware and stopped it when it started scanning the 300,000th file -- usually it stops around 100,000. I disconnected it from the internet and am in the process of running microsoft antispyware. Last time I ran spysweeper, it usually takes 7-10 minutes, it went 79 minutes. Anyone have any ideas?
Thanks a ton,
Sandy
 

A:Adaware finding 300,000 files to scan

Read other 16 answers
RELEVANCY SCORE 65.2

Ok.
 
I have two files Avast can not scan. 
 
C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\servicing\Sessions\11312_596062500.back.xml
 
error: the file cannot be accessed by the system (1920)
 
C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\servicing\Sessions\11252_596032657.back.xml
 
error: the file cannot be accessed by the system (1920)
 
They look like they might be something to do with Windows 10?
 
I might have  typo in the warnings - i had to type these in as i cant see how you grab a report from avast.
 
Any ideas?

A:Avast on Win 7 finding two files it can not scan. Win 10 files?

Correct windows 10 is downloading in the background and there are two folders BT and WS they are, I believe, password prot4ected files until they are installed

Read other 1 answers
RELEVANCY SCORE 54

Hello
 
This is an old Vista Home Premium (service pack 2) laptop that I have and want running smooth again. The files JRT finds are always:
 
 
C:\Users\utilisateur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1A0ASBV8
&
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1A0ASBV8
 
 
There's always 5 of each, and the bold text changes everytime.
 
 
Issues I'm experiencing and for which I found no solution:
 
-svchost.exe permanently taking 50% CPU
-windows uptade unresponsive (searches forever)
-failed security update KB3073921 (error code 80242016)
-unable to use the "turn windows features off" option (prog bar never advances, CPU @ 100%)
 
What I've done:
 
-verify which svchost.exe takes that much CPU; likely not a virus (all services under the host are legitimate windows/system32)
-try run windows update in safemode + network (cannot load it, wont open)
-chkdsk /f /r (not sure how to interpret the results; i have the log)
-sfc /scannow (no violation found)
-try download and install failed update from windows (same result, msu file opens but loads/searches forever)
-run scans with: Panda Global 2016, MB Antimalware, ESET, AdwCleaner, MB Antirootkit & JRT (1 before and 1 after using rKill)
 
Panda, Antimalware, Adwrcleaner & Antirootkit found nothing. Eset found 6 things which I removed and didnt came back. JRT is the issue.... Read more

Read other answers
RELEVANCY SCORE 49.2

I have scanned this machine with Avast, Spybot, VunduFix, VirtumundoBegone,...Doesn't seem to help. Can you offer me more guidance? Your assistance is appreciated.My HJT log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:42:36 PM, on 1/10/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16574)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeC:\Program Files\Dell\NICCONFIG... Read more

A:Avast Scan Keeps Finding Win32:tratbho

Please don't respond yet. Ran another Spybot scan and got a completely different result. Cleaning those items and testing.

Read other 3 answers
RELEVANCY SCORE 49.2

does norton/symantec offer a free, on-demand av scan, or do you have to purchase something from them? i can't seem to find it. thanks, Ed James

A:Finding Norton/symantec Free Av Scan

Symantec Security CheckYou can also find other online scans listed here:Freeware Replacements For Common Commercial Apps

Read other 9 answers
RELEVANCY SCORE 49.2

A couple of days ago, I got a pop up from my Norton Anti virus telling me that my computer was infected by a trojan called zhopaizdupla.exe. After scanning with Norton and then Spysweeper I found nothing. Then I downloaded another spyware remover called Prevx1, and it found nothing. How do I get rid of this? I have included a copy of my HJT scan, and I would like to also learn how to interpret the results fo future de-bugging.

Logfile of HijackThis v1.99.1
Scan saved at 1:00:56 PM, on 22/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Prevx1\PXConsole.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Prevx1\PXAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Prog... Read more

A:Need help finding and getting rid of zhopaizdupla.exe trojan; HJT scan included.

Hi and welcome to TSG,
Download the trial version of Ewido Anti-Malware here.
Install ewido.
During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
Launch ewido
It will prompt you to update click the OK button and it will go to the main screen
On the left side of the main screen click update
Click on Start and let it update.
DO NOT run a scan yet. You will do that later in safe mode.
Click here for info on how to boot to safe mode.
Restart your computer into safe mode now. Perform the following steps in safe mode:
Run Ewido:
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your desktop

Restart back into Windows normally now.
Run ActiveScan online virus scan here

When the scan is finished, save the results from the scan!
Come back here and post a new HijackThis log, as well as the logs from the Ewido and Panda scans.
 

Read other 2 answers
RELEVANCY SCORE 48.8

HiI've recently had a problem with Avast - a popup keeps coming up telling me that a threat has been blocked, usually two in quick succession, even when I'm not browsing the internet. This happened immediately after I tried to open a torrent-downloaded avi file that my computer later identified as containing a virus. My computer is also sluggish and slow. However, avast cannot find any malware and neither can other cleaning programs I've tried. Can you help?CheersDom(I've included a screenshot so you can see the popup details - bottom left hand of the screen)

Read other answers
RELEVANCY SCORE 48.8

OK I've tried to find a link to solve this problem but I've had no luck. I'm having a problem with IE pop ups. Continuous and varying popups continue appearing whenever I am connected to a network no matter if I'm using IE or not. I also noticed that the popups kind of relate to the recent browsing I've done. I don't know if that's just my imagination. I use Mozzilla and it has no such problem, but IE popups still come. I run Spybot S&D regularly as Well as McAfee and they both continue to find adware and trojans. I suspect that I have an inbeded virus or a root kit but I don't know how to fix it. Please include ways to get around the annoying vista preventive measures because I haven't figured out all of those tricks either (i.e. not being able to delete certain files, required permissions exceptions, ect.). Here is the HJT log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:04:24 PM, on 6/30/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\ico.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozi... Read more

A:Internet EXP popups. Virus scan keeps finding stuff.

I don't mean to be impatient, but is it normal to wait more than a week for a reply? Also more updates on the problem some of the things that keep reappearing SmitFraud adware, Ego TV popups, get rich quick with Google adds popups. I'll keep updating as I remember the popups and things. I tend not to pay attention to them anymore besidestaking the time to close the windows.
 

Read other 1 answers
RELEVANCY SCORE 48

Following a visit to a site upon which a 'gif' file dodged my popup blocker I decided to do some scans. I did a Kaspersky scan and it found nothing, my sister nagged me into doing a panda online scan...the scan is ongoing and has so far found two suspicious files and three infected, it's under thirty per cent done. When the panda scan is done I'll post more about it.I'm running an A squared scan now also and another Kaspersky scan. When the A squared scan is done, I'll post again about its findings. Kaspersky found nothing on the second scan. A squared found a high risk virus called Virus.Win32.Virut!IK, I have quarantined it but not deleted. I'm now including the A squared report in the attachments.There is no unusual internet activity, the only thing that worried me a bit was that my laptop started up slowly...but it's been doing that for a while.Don't hesitate to tell me if I've done anything wrong or need to do/can do more....just posting this has made me feel better DDS log:DDS (Ver_09-12-01.01) - NTFSx86 Run by Sarah at 16:57:54.33 on 29/01/2010Internet Explorer: 8.0.6001.18882Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.44.1033.18.3034.881 [GMT 0:00]AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E4... Read more

A:Visited unsafe site, panda scan is finding infection

Sorry to be posting again on my topic, I have important information to add and can't find the 'edit' button I acted on some advice I was given to get rid of the virus that a Squared found and reformatted my hard drive (my brother did this for me....restore factory image is what exactly).I did another A squared scan and have found nothing...however, Kaspersky found this as a threat:04/02/2010 17:17:35 Detected: http://www.viruslist.com/en/advisories/28506 c:\program files\microsoft office\office12\excel.exe I'm posting new DDS and rootrepeal information now to make sure I'm clean.DDS (Ver_09-12-01.01) - NTFSx86 Run by Mister Awesome at 18:51:58.13 on 04/02/2010Internet Explorer: 7.0.6001.18000Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.44.1033.18.3034.1885 [GMT 0:00]AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: Kaspersky Internet Security *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k se... Read more

Read other 12 answers
RELEVANCY SCORE 48

I have been having an issue with Symantec Leaving my logs full with scan Omissions 99% of which are compressed. After doing considerable research I find symantec gives a nice list of possabilities and things to look into. Personally none of these fixed my issue, but it may yours. If Anyone has any Ideas to add to Symantec's offical list of reasons for scan omissions please do.---------------------------------------------The following is From Symantec @ http://service1.symantec.com/SUPPORT/ent-s...002073015235648Event ID 6Solution:This event is typically encountered when any of the following occurs: You scan a compressed file that contains a password-protected file. The decomposer engine cannot provide the password required to gain access to the file, so it will be omitted during a scan. You scan files that have been locked for access by the operating system and access cannot be released to the scanner because the file is in use. You scan files that are recursively compressed to a depth that is more than the scan engine is set to scan. By default, the scan engine is set to scan a maximum depth of three levels (for example, a zip file contained within a zip file contained within another zip file). You scan files with LH7 compression, which is not a supported format. These compressed files commonly have an .lzh extension, and they are omitted by the scan. You scan files that are in use by another user. This is most commonly seen when you scan user directories and shared folders... Read more

Read other answers
RELEVANCY SCORE 47.6

Ok after I scanned with super antispy software and removed everything, I started getting bad image file errors with .dlls popping on anything opened and on startup. I cant get DDS to run it just pops up a command prompt and never does anything. So I will attach the gmer txt and post my HJT log here.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 951 PM, on 12/3/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELServic... Read more

A:bad image files after scan with a super anti scan

bump please.

Read other 4 answers
RELEVANCY SCORE 45.6

I have windows vista and I need help finding FLV files and flash files on the computer .

Yes I checked C:\Users\mike\AppData\Local\Microsoft\Windows\Temporary Internet Files
I cannot fined any FLV files and flash files .Where else can I look for it ? Any where it saves it in temep folder ? Now I'm trying play it with out a bandwith overload but cannot find the FLV files and flash files .
I'm over the the bandwith .
 

A:Need help finding FLV files and flash files on the computer

Read other 6 answers
RELEVANCY SCORE 45.2

Good afternoon,

I have been experencing really low internet speeds on my computer. I have ran many tools such as HiJack this, ComboFix, AVG (Including rootkit) and Malwarebytes. Several of these tools found things here and there which seemed to have been removed.

I have set my computer up to dual boot WIN XP/WIN 7. I only experience the low speeds while using Win 7 which seems to make me thing that something is taking the majority of my bandwidth usage.

Could any take a look at my logs and see if there is anything going on before I decide to reinstall the os.

P.S I have also included my HijackThis log file.

Thanks in advance!

A:DDS scan and GMER scan log files.

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===This process looks suspicious.C:\Users\James\Desktop\Security Tools\mb9soxkz.exeDo you know what it is?Did you installed this driver or do you know which application needs it.R1 enport;enport;c:\windows\system32\drivers\enport.sysIt may be valid but I cannot find sufficient information on it.===Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofixLink 1Link 2* IMPORTANT !!! Save ComboFix.exe to your DesktopIMPORTANT....1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Do not install any other programs until this if fixed.How to : Disable Anti-virus and Firewall...http://www.bleepingcomputer.com/forums/topic114351.htmlDouble click on ComboFix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt Note:Do not mouse click ComboFix's window while it's running. That may cause it to stallNote: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleeping... Read more

Read other 2 answers
RELEVANCY SCORE 44

I'm seeing the same four files repeat in the Temp Files / Shortcuts section of a Registry Mechanic scan.

\C:\ProgramData\McAfee\VirusScan\Data\TFRBBC1.tmp
\C:\ProgramData\Microsoft\Search\Data\Application\Windows\MCC.chk
\C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv01.tmp
\C:\Users\Kevin\AppData\Local\Microsoft\Windows Mail\edb.chk

I'm also seeing the following two files in the Deep Scan section.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache\7971f918-a847-4430-9279-4a52d1efe18d
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Reporting\EventCache\9482fb4-e343-43b6-b170-9a65bc822c77

Recent history: Less than a week ago, during a routine McAfee antivirus scan I discovered a half dozen files associated with the Artemis trojan. Several months earlier I found and debugged (also with McAfee) a different trojan. And the laptop has been slow for several weeks/months.

In anticipation of getting help here I tried running RootRepeal. That ran for more than 24 hours. So I stopped it. Then I tried running SysProt AntiRootkit. But McAfee wouldn't accept it and returned the following message.

McAfee has automatically blocked and removed a Trojan.
About this... Read more

A:Registry Mechanic repeat Temp Files / Shortcuts and Deep Scan files

Anybody have time to help with this one?

Read other 4 answers
RELEVANCY SCORE 43.6

I have copied files from an infected computer to...
- a flash drive and a
- portable hard drive that plugs into a usb port

- the files I want to copy are both data files and application files...
- Data files include: text files, ms office documents, image files, videos, etc
- Application files include: MS Access mdb (data base) files which may include visual basic for applications code
- Ditto for Excel files
- Some application development stuff like MS Visual Studio Projects

How can I safely scan these files before putting them on a clean computer?

Thanks for any help.

PS

I think I have 'Autorun' turned off on the clean computer via using RegEdit to go to...
HKEY_CURRENT_USER > Software > Microsoft > Windows > CurrentVersion > Policies > Explorer > "NoDriveTypeAutoRun"

... and verifying that the hex value of the first byte is 95
... which as I understand it 'exclueds' unknown, removable, and remote drives from 'autorun'
... via instructions here... http://autorun.moonvalley.com/enable.htm

A:How to safely scan data files (or other files) on external drive?

Install Panda USB Vaccine, or BitDefender?s USB Immunizer on your computer to protect it from any infected USB device.Then you're safe to connect any external device and scan it with your AV program.

Read other 5 answers
RELEVANCY SCORE 43.6

Is there any reason when I do a search for files on my PC, as in START/FIND/FILES or FOLDERS that it doesn't find the files that I have saved within Outlook Express?

For instance, I know SOMEWHERE in my OE I have an email with an attached jpg. in it named PhillyJimmy in it.... but when I do a search of my hard drive (C) it will not find the file. Shouldn't find files or folders find that file name if it's exact?

Thanks

DAVID

DELL PIII 450MHz
Win98se
 

A:Finding files within OE...???

Hey BigDave

Yes, there is. OE is a database program - your emails are not files, they are information stored within the index files (.DBX). The only way to use search to find something there is to specify what text you are looking for in search. And for files, you would enter *.dbx.

However, if you know it is in a folder in OE, you can use the "search" included in OE.
Click Edit->Find Message In This Folder. If it stops at a possible email and it is not the one, pressing F3 will make it continue the search until it has gone through a folder.
 

Read other 1 answers
RELEVANCY SCORE 43.6

Hi

I keep a couple of .txt files on my desktop, so I can easily refer to them.

Today I lost them. They are not in the recycle bin though, it has not been emptied since July, so, where can these files be please?

I have done a search for them, and they just seemed to have vanished without trace.

Please could someone help me locate them?

Thanks
 

A:Help pls, in finding some .txt files.

Read other 6 answers
RELEVANCY SCORE 43.6

this is a bit of an embarrassing question but please bear in mind that I am a novice at this. I understand about FTP but how do you actually find FTP files in the first place? Is there a search engine in the same way as for normal website pages? Or do you just look for the FTP option when you are downloading files?

Thanks for your help.

Jamie

A:finding FTP files

FTP is File Transfer Protocol. As such, it is a definition for a mechanism to transfer files over a network.

So, there aren't any "FTP Files" since you could theoretically FTP any file.

I believe you're referring to "FTP Sites". Usually, FTP sites are maintained by businesses or individuals who would like to allow people to transfer files to or from them quickly - using FTP. Usually these sites are technical or scholarly in nature - like a computer company having update files on it's FTP site. There will usually be a link on a companies home page. Or a user might have an FTP server with MPEG or MP3 files on it available for download.

As stated, you usually have to be told of the existence of an FTP site or server. You could just "gues" however, this is the hard way.

FTP is "quicker" than using HTTP although file transfer is possible with both.

Modern browsers are capable of changing from HTTP to FTP pretty seamlessly to the user.

Older users (like me ;) or "power users") sometimes prefer the command line FTP which can give a little more control over the intracacies of the protocol. Some programmers have built this into GUI FTP programs such as WS-FTP.

Hope this helps.

Read other 3 answers
RELEVANCY SCORE 43.6

hi can anyone help please i had to reformat my pc as it crash while doin a system recovery. ive lost all my mp3s data files. pictures how can i find them all again there in a differnt partition

thanks dave
 

A:help finding files please

Did you do a Full install?
When you say on a different partition was it still on the same Hard drive?
 

Read other 3 answers
RELEVANCY SCORE 43.6

Can someone please tell me if a history and temp internet file exist in win2k and if so where can they be found???? Thanks.

Ryan
 

A:help finding files

to find the temp internet file location go to tools menu, internet options. middle section titled temp internet files, select the settings button, it will display the location of the storage location
That is also where the cookies are stored I beleive
 

Read other 1 answers
RELEVANCY SCORE 43.6

I posted about missing files after malware cleanup seperately because i don't want to combine the two. I have a question about how to get rid of files i see in my Secunia psi program but never see them listed in windows uninstaller, Revo uninstaller or even Iobit uninstaller .

Thank you very much, the help is truly appreciated.

A:finding files

Hello -Since you have no record of Malware Cleanup at this forum, could you please tell or link us to that particular item -I think that one minor problem may be related to the IObit programs installed on your system.It is unfortunate that this program / company has a habit of confusing some of your files, and makes them hard to find.The first / best option is to remove IObit from your computer. Next uninstall Secunia PSI Version 3 if that is what you use.Then you can install Secunia PSI Version 2, and not use the latest Version 3, that is a bit more complicated.You may find the earlier version of Secunia is much easier to manage, and easier to handle for many people (me included).Thank You - EDITED to add Secunia 2 Link -

Read other 5 answers
RELEVANCY SCORE 43.6

I'd appreciate a little help with a problem I'm having in finding files. I suspect it might have to do with Libraries which I don't fully understand.

If I go to C:\music I can see any number of music files located there. But when using another program and their option to "browse", when I go to the same folder I see none of the music files. Kinda like a magic act!

Could anyone point me in the right directions?

Thanks. Jim

A:Finding files

  
Quote: Originally Posted by Lykele


I'd appreciate a little help with a problem I'm having in finding files. I suspect it might have to do with Libraries which I don't fully understand.

If I go to C:\music I can see any number of music files located there. But when using another program and their option to "browse", when I go to the same folder I see none of the music files. Kinda like a magic act!

Could anyone point me in the right directions?

Thanks. Jim


If you click "Start", "Computer", there is a "Search" window in the right corner. You can put the file name (Blue.mp3) or if you don't know the file name, put *.mp3

It will bring them up.

Read other 4 answers
RELEVANCY SCORE 43.2

Have just returned my computer to factory condition, and although I am very pleased with the result, I am having difficulty in finding and recovering Office data from my Ex. HD. The problem is that I really dont know how to open these files or which files to even open. Below is a section of files from 'HomePC' uploaded from the hard drive. Can someone help please?

A:External HD-Finding Files

Right-click - Extract each folder.

Read other 10 answers
RELEVANCY SCORE 43.2

Everytime I start my computer I get a window in the bottom left corner that says these files cannot be found and windows searches for them.

I just keep clicking Cancel then I get some other error message so I close that then I get an illegal operation right away. Grrrrrrrrrrrrrrr

So anyone know what these files are for or if I can safely delete them from the computer? All files are in the C:\WINDOWS\All Users\Start Menu\Programs\StartUp folder.

All files end in the .exe extension too.

2ljdb6e
44ocf0mt
1frix0xy
pv0nevec
qrzx3vjn
j0o4bg1l
z19lxpl7
qckq9tie
z19lxpl7
morze1 and morze5
fen5lzwa
v53m134q
bz4fg5pr
w906jhko
xape0wiv
pf44j8ho
1k7defwf
fqtyb8ed
j60vjz1
j403odmd
1t7nrir

I did do a scan with search and destroy but I don't think It cleaned any spywear out or off of my computer. It did however find 201 infected files!

Computer runs slower then usual. Can I go in and search for these files and delete them safely?
 

A:Problems finding some files...

Read other 16 answers
RELEVANCY SCORE 43.2

I have found that my computer has really slowed down when starting up and for a little while after that. I was talking to someone about it and they suggested to find the full startup list and delete the unneeded thing but he forgot how to get to it. Would u have any ideas how to find it.

Cheers
 

A:Finding StartUp Files

Hi,

You need Startuplist here :

http://www.lurkhere.com/~nicefiles/

But see also here :

http://www.pacs-portal.co.uk/startup_content.htm

For info on what items are needed in your startup.
 

Read other 2 answers
RELEVANCY SCORE 43.2

I recently got an SSD and followed this guide to set it up properly
How to: Setup SSD boot drive with secondary Hard disc optimization

My problem is that once I finished it and everything was quick, I was too stupid to not back up at all and I cut/paste the contents of the user folder's video, music and pictures into the windows libraries. Now I cannot log back into the account, and with my other accounts, I cannot find any of the files. Any one knows where they went or if they still exist?

A:Need help finding location of files

You cannot move anything into libraries - only into folders. Libraries are only an index of folders. But if you move something to a library, it ends up in the default folder of that library. Look into the libraries Properties and see what the default folders are.

Read other 5 answers
RELEVANCY SCORE 43.2

I hope this is the right place for this post!
I am running Vista Home Premium 32 bit. I started having some issues that I couldn't find solutions for, so I decide to do a complete system reset. I used Windows Easy Transfer to save user account files to a CD. Reset the system, loaded the backup CD and ran WET. I followed the directions and was told that the transfer was complete. However, I can't find the files! The only personal data info on the system is the stuff added since the reset.
Any ideas about how to resolve this?

Thanks

A:Problem finding WET files

Originally Posted by cruzsgal


I hope this is the right place for this post!
I am running Vista Home Premium 32 bit. I started having some issues that I couldn't find solutions for, so I decide to do a complete system reset. I used Windows Easy Transfer to save user account files to a CD. Reset the system, loaded the backup CD and ran WET. I followed the directions and was told that the transfer was complete. However, I can't find the files! The only personal data info on the system is the stuff added since the reset.
Any ideas about how to resolve this?

Thanks



Can anyone help me?

Read other 4 answers
RELEVANCY SCORE 43.2

I am trying to find my index.dat files but I am having trouble. I am wondering if I can get a step by step list for finding them on windows vista? Also, must I be connected to the internet?
 

A:Help finding index.dat files

Windows Vista has a built in search function that you can use to find files and folders you are looking for.
 

Read other 2 answers
RELEVANCY SCORE 43.2

I just loaded XP on a fresh harddrive. The old hard drive wouldn't boot but was hooked up as drive F as a slave. While trying to move a folder from old drive to new it disappeared. I never got a warning or message asking if I wanted to delete the folder but it's gone. Any way to recover the folder ?

Thanks

Fangers
 

A:Finding lost files

did you check your recycle bin?....or run a search for the folder to see if its hiding somewhere?

if not, then there are utilities out there to recover data but they are somewhat expensive. I would consider it gone.
 

Read other 1 answers
RELEVANCY SCORE 43.2

This seems like the sort of thing which be so simple...

I have connected a friend's iPhone to my PC, so that I can copy some photos taken between particular dates (03-Feb-19 to 20-Feb-19). But there are many photos there, taken on many dates and spread across a large number of sub-folders of the DCIM folder. Plus the file creation dates are not always easy to organise. Putting that column in date order in Windows Explorer doesn't always put the dates in date order...

Is there a file finder which can find those files reliably?

Tech Support Guy System Info Utility version 1.0.0.4
OS Version: Microsoft Windows 10 Home, 64 bit
Processor: Intel(R) Celeron(R) CPU J3060 @ 1.60GHz, Intel64 Family 6 Model 76 Stepping 4
Processor Count: 2
RAM: 3941 Mb
Graphics Card: Intel(R) HD Graphics, 1024 Mb
Hard Drives: C: 149 GB (80 GB Free); D: 780 GB (651 GB Free);
Motherboard: ASUSTeK COMPUTER INC., A_F_K20CE
Antivirus: Windows Defender, Enabled and Updated
 

A:Finding files by date

You should be able to view each subfolder by date.

what happens when you select a subfolder?
 

Read other 1 answers
RELEVANCY SCORE 43.2

I did a non destuctive format of my hard drive now i can't find anything that was in my documents. I can locate all the stuff from the other accounts but mine have seemed to disappear. My drive still shows the same amount of usage so trhey should be somewhere i just can't locate them..

A:Finding lost files.

Hello Blizz,Your situation seems very similar to the one described in the following recent thread here at Bleeping Computer:"Where are all my files?":http://www.bleepingcomputer.com/forums/ind...t&p=1029754

Read other 4 answers
RELEVANCY SCORE 43.2

I just finished installing windows 10 on top of windows 8.1. As the new system loaded, I was encouraged by the banner that read "Your files are just where you left them." However, when I open OneDrive, I get the message that there are no files to show. I can access Word, Excel files, etc. by opening those applications, so the files are in a sense where I left them, but if I need to find something in OneDrive, I have nothing to search or browse.

I know that this is a very low-grade question, but I would appreciate any help.

Thanks in advance,

SeaGeeBee
 

A:Finding OneDrive Files

If you can open the files in Office applications, then they exist somewhere. If you open OneDrive and don't see anything, then they must not be stored there.

Are they in your Documents folder?
 

Read other 3 answers
RELEVANCY SCORE 43.2

Hey all. Just wondering if there was a very easy and simple way to find the number of files and directories that are listed within a hard drive for Windows XP. Thanks in advance for any insight.
 

Read other answers
RELEVANCY SCORE 43.2

My file search is not finding files which I know are there, including files that I find and then try a search to see if windows eight can also find them. I have tried all the solutions' offered by googling 'windows 8 not finding file' such as the troubleshooter . One suggestion was to change the location of where to search to 'everywhere' but this option is greyed out.
Any ideas?

A:Search not finding files

Hello Trevor,

You might see if the items in the yellow Tip box at the top of the tutorial below may be able to help with your search results.

Search in Windows 8

Hope this helps,
Shawn

Read other 3 answers
RELEVANCY SCORE 43.2

I use Optima mail, I have down loaded a few things.  The applet does not show or give a location option, doing a search by file name indicates they are located in "files".  I have spent an hour trying to find "files" any help very much appreciated.  I hate 7 and 8 seems even worse!
 
Moderator Edit: Moved from Windows 7 to a more appropriate forum
Roger

A:Finding down loaded files

They may be located at Everdesk's root folder.
 
This is the top level folder in EverDesk. By default it is set to your My Documents folder. You can choose a root folder when starting up EverDesk for the first time, or via this settings menu.

Read other 5 answers
RELEVANCY SCORE 43.2

*I'm not computer saavvy so please forgive me if I have a hard time describing my problem*

Hey everyone, recently my computer crashed (HP with Windows XP) and I had to reboot my computer, luckily my computer retained most of my files (everything in My Documents, and the HP PAVILLION (C:) etc etc). However, I had a substantial amount of files (mostly media, music) stored in a file on my desktop and as I had worried/expected the file was gone and all of its contents. Now heres where it gets tricky.

My hard drive right now is missing about ~60 gigs which roughly corresponds to the missing data! It says I have about 18 gigs of space left when I should have closer to 80.

I tried running a search for the missing files but the Windows search only goes through the standard folders like My documents etc. It's as if the files are there but there is no file path and they are just floating around in my hard drive somewhere inaccessible.

Is there anyway I can get these files back (without paying $70 for some lame file recovery program) or at the very least get my HD space bacK?

Any help appreciated. Thank you

A:Need Help Finding Some Lost Files!

You could try Recuva.

Read other 7 answers
RELEVANCY SCORE 43.2

howcome when I try to search for files or folders in XP it says that I am not connected? I am not trying to find files on the web , just on my PC.
 

A:finding files or folders

Read other 6 answers
RELEVANCY SCORE 43.2

it seems something is clogging up over 20gb of my hardrive and i'd like to find out what it is, unfortunately i have no idea where to begin with, so i'd like a tool that shows me the biggest file on my system so i can delete it.

my hardrive is 80gb, and windows reported 76gb usable, i dont have any large program install at all, the only thing i have is my own folder holding every single one of my files, in total it weights 50gb, and besides this folder, i have absolutely nothing else install on my pc, so i figure something is clogging up my 26gb, and i'd like to destroy it as soon as possible.
thanks for the help.
 

A:finding large files

Read other 8 answers
RELEVANCY SCORE 43.2

Having mastered XP and previous M/S OS's over the years, I'm floored at the complexity and confusion of 8.1, and if there was ANY alternative to MicroSoft, I would gladly take it and pay for it.

I'm an author. In XP I had my files and folders. Now, I have no idea where my files (Word, etc.) are going. I am finding my files in:

This PC/DocumentsHomegroup/(my name)/pc/Documents/c:Users/(my name)Homegroup/(my name)/pc/Documents/c:Users/(my name)/SkydriveOneDrive/DocumentsDesktop/(my name)/Documents

When I save a Word document, it defaults to something called:
(my name)'s OneDrive/Documents

but it calls it:
One Drive-Personal/Skydrive/Documents

Could someone give me some advice re: how to just have one set of files and folders, like I had in XP? I'd gladly pay you ...

Also, I had heard that by clicking in the upper left corner of the screen, I could get to an area more like the State section of XP, but I am not finding this.

THANK YOU - Tony in Arizona

A:Finding my folders and files

The actual folders are in C:\Users\(your user name)\. The Libraries will link to those folders. HomeGroup does too I think, I don't use HomeGroup and always leave the HomeGroup that's created automatically so there is no HomeGroup. If you open the Charms Bar (Windows logo key + C), click Settings > Change PC Settings > One Drive. Then turn "Save documents to OneDrive By default" Off. All your files will then be saved locally.

Read other 7 answers
RELEVANCY SCORE 43.2

Hello everyone,
my computer was attacked by vx2 malware, i tried everything to remove it but nothing worked, i was forced to reboot my computer twice. now i have lost all my work. i was wondering if i could retrive some files from my first installation.

thank you for your help
 

A:need help finding lost files

Did you do a clean install of the os? If so, there MAY be a chance using data recovery software. Some are free and some are not.

If you did not clean install the os, can you see your files / work?

Have you done a search for the files you want?
 

Read other 1 answers
RELEVANCY SCORE 43.2

I have changed OSs. Went from XP to Windows 2000 as is more stable for my press publishing needs. I copied my .pst contact list from msoutlook to a disk with the thought of copying it into msoutlook in wk2000 however I can't find the .pst file to copy it into. Could someone help me? I searched for .pst files but to no avail.
thanks
Keith
 

A:Finding MSoutlook .pst files

Read other 6 answers
RELEVANCY SCORE 43.2

i have ran Malwarebytes' antimalware on my laptop, and it keeps showing the same four files, when i look for them on my computer i cannot find them! says they are trojans...but i cannot find the files infected

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:58:44 PM, on 4/22/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Con... Read more

A:malwarebytes keeps finding same 4 files

might help if i add that i got the malware from anti-spyware 2009, my Malwarebytes scan says i have Trojan.Vundo.H in four files, but i cannot find them...it says to restart to remove them, but they dont go away
 

Read other 1 answers
RELEVANCY SCORE 43.2

the other day my dad went threw the computer and deleted a lot of trash but in the process he also deleted some files for some games he has also deleted everything from the recycle bin but how can i get these files back please help

thanks in advance, Nick

A:finding deleted files

I like freeware Restoration (it recovers from emptied recycle bin):

http://www.majorgeeks.com/Restoration_d4474.html

Of course there is better software but you have to spend $ for it.


good luck!

Read other 2 answers
RELEVANCY SCORE 43.2

Sometimes a file gets downloaded from the internet (willingly or not) but then I cannot find it. Is there a way to search to find the most recently created new files?

A:Finding downloaded files

Aren`t they going to your downloads folder, set it up so all your downloads will go there, it`s the default location in Windows 7, unless you`ve changed it.

In Chrome it`s in Settings/Advanced Settings/Downloads

Set it to download files to the downloads folder. You can always move them someplace else later.

Internet Explorer - Change Default Download Location

Read other 3 answers
RELEVANCY SCORE 43.2

I recently needed to find some files (MS Word which contained a specific word). From Windows Explorer, I selected the root of the directory in which I thought the files resided, entered the word I wanted to find in the Search box, and 16 files were found.

I then repeated the search using a stand-alone search tool and it found several hundred files.

I looked at the search options and they ARE configured to search the directory in question and MS Word documents. (Since some files were found, it seems reasonable to assume that the search options are configured properly.) It also reported that my system was fully indexed.

Why does Windows Search fail to find files being sought?

A:Search not finding files

Did you select both .doc and .docx files in your search?

Read other 5 answers