Running JRT and getting some errors


#1 boostedfox

Posted 30 June 2015 - 11:39 AM

Hi All,

 

I have run Junkware Removal Tool a few times, and every time I do, it keeps getting some errors. Below is a screenshot of JRT with the errors. After "checking short cuts" some more items come up, but it goes so quickly that I can't make a screenshot. Not sure if there is any way to resolve this?

 

Thanks in advance

 

JRT-error_zpscatua9oo.jpg

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-06-2015 01
Ran by Kris (administrator) on KDOGGY on 30-06-2015 12:05:26
Running from C:\Documents and Settings\Kris\My Documents
Loaded Profiles: Kris (Available Profiles: Kris & Liana & UpdatusUser & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Opera)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Opera Software) C:\Program Files\Opera\30.0.1835.88\opera.exe
(Opera Software) C:\Program Files\Opera\30.0.1835.88\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\30.0.1835.88\opera.exe
(Opera Software) C:\Program Files\Opera\30.0.1835.88\opera.exe
(Opera Software) C:\Program Files\Opera\30.0.1835.88\opera.exe
(Opera Software) C:\Program Files\Opera\30.0.1835.88\opera.exe
(Opera Software) C:\Program Files\Opera\30.0.1835.88\opera.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [6756048 2012-11-07] (COMODO)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [43871584 2015-06-10] (Dropbox, Inc.)
HKLM\...\Run: [HostManager] => C:\Program Files\Common Files\AOL\1434733501\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKU\S-1-5-21-1645522239-1958367476-725345543-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
AppInit_DLLs: C:\WINDOWS\system32\guard32.dll => C:\WINDOWS\system32\guard32.dll [301264 2012-11-07] (COMODO)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1645522239-1958367476-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
HKU\S-1-5-21-1645522239-1958367476-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1645522239-1958367476-725345543-1003 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-10-15] (AVG Technologies CZ, s.r.o.)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-03] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-03] (Sun Microsystems, Inc.)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll [2012-03-27] (AVG Technologies CZ, s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{39F3F25E-8742-4707-8111-FED6940C8A43}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{64BBC656-C1C8-44C1-933C-433E4F1382DE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{716C8DA2-0BD7-4925-A74F-1862EE224E6C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B7CCB401-7F5D-4777-B24A-B78A3704626F}: [NameServer] 192.168.1.1,192.168.1.99
Tcpip\..\Interfaces\{D087C8A9-9691-4771-8C1C-838E9C5BBF0A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E9A02268-BE33-4752-A7DA-5D5A212306A9}: [DhcpNameServer] 192.168.2.1
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Kris\Application Data\Mozilla\Firefox\Profiles\c2xg88v2.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://us.yahoo.com?fr=fp-comodo
FF Keyword.URL: hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll [2015-06-19] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll [2011-08-30] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1645522239-1958367476-725345543-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1645522239-1958367476-725345543-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2003-07-14] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011-10-26] (Apple Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011-10-19]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4 [2011-10-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-09-15]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-05-29]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-12-18]
FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack
FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack [2015-06-19]
 
Chrome: 
=======
CHR Profile: C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Google Search) - C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-18]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-10-22]
CHR Extension: (Gmail) - C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: chrome.exe - C:\Documents and Settings\Kris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [136544 2009-10-22] ()
S3 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46184 2014-02-06] (AOL Inc.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1990464 2012-11-07] (COMODO)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
S2 havasvc; C:\Program Files\Monsoon Multimedia\Vulkano\Common\havasvc.exe [146432 2011-08-01] (Monsoon Multimedia Inc.) [File not signed]
S2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2011-10-03] (Sun Microsystems, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [227232 2010-01-15] (McAfee, Inc.)
S2 RaAutoInstSrv_AM10; C:\Program Files\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe [528512 2010-02-19] (Cisco Consumer Products LLC)
S2 UTSCSI; C:\WINDOWS\system32\UTSCSI.EXE [45056 2011-10-25] () [File not signed]
S2 WLANBelkinService; C:\Program Files\Belkin\F7D4101\V1\wlansrv.exe [36864 2009-12-28] () [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [20747 2010-01-28] (Meetinghouse Data Communications) [File not signed]
S3 AM10; C:\WINDOWS\System32\DRIVERS\AM10XP.sys [816672 2010-02-13] (Ralink Technology, Corp.)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R3 AODDriver; C:\Program Files\AMD\OverDrive\i386\AODDriver.sys [8704 2009-10-22] (Advanced Micro Devices) [File not signed]
R3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1714176 2011-09-15] (Atheros Communications, Inc.)
R3 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\WINDOWS\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [302368 2014-11-04] (AVG Technologies CZ, s.r.o.)
S3 BCMH43XX; C:\WINDOWS\System32\DRIVERS\bcmwlhigh5.sys [642432 2009-11-06] (Broadcom Corporation)
R1 BIOS; C:\WINDOWS\system32\drivers\BIOS.sys [13696 2005-03-16] (BIOSTAR Group) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [497952 2012-11-07] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [32640 2012-11-07] (COMODO)
R2 cpuz132; C:\WINDOWS\system32\drivers\cpuz132_x32.sys [12672 2009-03-27] (Windows ® Codename Longhorn DDK provider) [File not signed]
R3 havabus; C:\WINDOWS\System32\DRIVERS\havabus.sys [37376 2011-08-01] (Monsoon Multimedia Inc.)
R3 HAVATV; C:\WINDOWS\System32\DRIVERS\HAVATV.sys [179712 2011-08-01] (Monsoon Multimedia Inc.)
R3 HavaTV_10; C:\WINDOWS\System32\DRIVERS\HavaTV_10.sys [179712 2011-08-01] (Monsoon Multimedia Inc.)
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [99080 2012-11-07] (COMODO)
R3 monfilt; C:\WINDOWS\System32\drivers\monfilt.sys [1389056 2008-02-14] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\NPF.sys [34064 2007-11-07] (CACE Technologies)
S3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54784 2008-08-01] (NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [145952 2008-08-18] (NVIDIA Corporation)
S3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [123712 2012-01-17] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-08-01] (NVIDIA Corporation)
S3 pmxscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [15104 2008-04-13] (Microsoft Corporation)
S3 RT73; C:\WINDOWS\System32\DRIVERS\rt73.sys [451968 2007-10-02] (Ralink Technology, Corp.)
S3 RTLWUSB; C:\WINDOWS\System32\DRIVERS\RTL8187.sys [332928 2011-09-08] (Realtek Semiconductor Corporation                           )
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1050112 2009-01-11] (VIA Technologies, Inc.)
R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-30 12:05 - 2015-06-30 12:05 - 01636352 _____ (Farbar) C:\Documents and Settings\Kris\My Documents\FRST.exe
2015-06-30 12:05 - 2015-06-30 12:05 - 00019281 _____ C:\Documents and Settings\Kris\My Documents\FRST.txt
2015-06-30 12:05 - 2015-06-30 12:05 - 00000000 ____D C:\FRST
2015-06-30 11:56 - 2015-06-30 11:56 - 00001128 _____ C:\Documents and Settings\Kris\Desktop\JRT.txt
2015-06-30 11:56 - 2015-06-30 11:56 - 00000254 _____ C:\WINDOWS\wiadebug.log
2015-06-30 11:56 - 2015-06-30 11:56 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-06-30 11:56 - 2015-06-30 11:56 - 00000000 _____ C:\WINDOWS\Sti_Trace.log
2015-06-30 11:31 - 2015-06-30 11:31 - 00026900 _____ C:\Documents and Settings\Kris\Local Settings\Application Data\dt.dat
2015-06-30 11:31 - 2015-06-30 11:31 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-06-28 20:17 - 2015-06-29 09:44 - 00000467 _____ C:\Documents and Settings\Kris\Application Data\burnaware.ini
2015-06-28 20:17 - 2015-06-28 20:17 - 00000729 _____ C:\Documents and Settings\All Users\Desktop\BurnAware Free.lnk
2015-06-28 20:17 - 2015-06-28 20:17 - 00000000 ____D C:\Program Files\BurnAware Free
2015-06-28 20:17 - 2015-06-28 20:17 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\BurnAware Free
2015-06-28 14:29 - 2015-06-28 14:29 - 00000000 ___HD C:\Documents and Settings\All Users\Application Data\CanonIJFAX
2015-06-28 14:29 - 2015-06-28 14:29 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities
2015-06-28 14:29 - 2015-06-28 14:29 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
2015-06-28 14:29 - 2012-09-21 09:33 - 00321024 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BNL.dll
2015-06-28 14:29 - 2012-05-25 09:21 - 00103936 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BNU.dll
2015-06-28 14:29 - 2012-05-15 16:01 - 00092672 _____ C:\WINDOWS\system32\CNC1768D.TBL
2015-06-28 14:29 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA.dll
2015-06-28 14:27 - 2015-06-28 14:27 - 00000000 ___HD C:\Program Files\CanonBJ
2015-06-28 14:27 - 2015-06-28 14:27 - 00000000 ___HD C:\Documents and Settings\All Users\Application Data\CanonBJ
2015-06-28 14:27 - 2015-06-28 14:27 - 00000000 ____D C:\WINDOWS\system32\STRING
2015-06-28 14:27 - 2012-09-21 05:00 - 00258560 _____ (CANON INC.) C:\WINDOWS\system32\CNCALBN.DLL
2015-06-28 14:27 - 2012-09-20 05:00 - 00315904 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMBN.DLL
2015-06-28 14:27 - 2012-07-31 08:47 - 00366592 _____ (CANON INC.) C:\WINDOWS\system32\CNMNPPM.DLL
2015-06-28 14:27 - 2012-07-31 08:47 - 00035840 _____ (CANON INC.) C:\WINDOWS\system32\CNMNPUI.DLL
2015-06-28 14:26 - 2015-06-28 14:30 - 00000000 ____D C:\Program Files\Canon
2015-06-26 11:29 - 2015-06-26 11:29 - 00000000 ____D C:\Documents and Settings\Kris\Local Settings\Application Data\Opera Software
2015-06-26 11:28 - 2015-06-30 11:28 - 00000378 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1435332449.job
2015-06-26 11:28 - 2015-06-26 11:28 - 00000675 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk
2015-06-26 11:28 - 2015-06-26 11:28 - 00000675 _____ C:\Documents and Settings\All Users\Desktop\Opera.lnk
2015-06-26 11:28 - 2015-06-26 11:28 - 00000000 ____D C:\Documents and Settings\Kris\Application Data\Opera Software
2015-06-26 11:25 - 2015-06-30 11:28 - 00000000 ____D C:\Program Files\Opera
2015-06-26 11:25 - 2015-06-30 10:27 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2015-06-26 11:22 - 2015-06-26 11:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TuneUp Software
2015-06-26 11:22 - 2015-06-26 11:22 - 00000000 __SHD C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-06-26 11:21 - 2015-06-26 11:21 - 00000862 _____ C:\Documents and Settings\Kris\Desktop\FrostWire 6.lnk
2015-06-26 11:21 - 2015-06-26 11:21 - 00000000 ____D C:\Documents and Settings\Kris\Start Menu\Programs\FrostWire 6
2015-06-26 11:21 - 2015-06-26 11:21 - 00000000 ____D C:\Documents and Settings\Kris\Application Data\RPEng
2015-06-26 11:20 - 2015-06-26 11:27 - 00000000 ____D C:\Program Files\FrostWire 6
2015-06-26 09:39 - 2015-06-30 10:54 - 00000000 ____D C:\AdwCleaner
2015-06-26 09:38 - 2015-06-26 09:38 - 02244096 _____ C:\Documents and Settings\Kris\Desktop\AdwCleaner.exe
2015-06-26 09:30 - 2015-06-26 09:30 - 00000000 ____D C:\RegBackup
2015-06-26 09:24 - 2015-06-26 09:24 - 02950453 _____ (Malwarebytes Corporation) C:\Documents and Settings\Kris\Desktop\JRT.exe
2015-06-25 20:36 - 2015-06-30 10:51 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-23 17:20 - 2015-06-23 17:21 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\CuteFTPbackup
2015-06-23 17:13 - 2015-06-23 17:13 - 00000000 ____D C:\Program Files\GlobalSCAPE
2015-06-23 17:13 - 2015-06-23 17:13 - 00000000 ____D C:\Documents and Settings\Kris\Application Data\GlobalSCAPE
2015-06-23 17:13 - 2015-06-23 17:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\GlobalSCAPE
2015-06-23 16:38 - 2015-06-23 16:38 - 00000731 _____ C:\Documents and Settings\Kris\Desktop\ImageReady.lnk
2015-06-23 16:11 - 2015-06-23 16:11 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Photoshop
2015-06-19 17:10 - 2015-06-19 17:10 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Yearly Taxes
2015-06-19 17:09 - 2015-06-19 17:10 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Twister
2015-06-19 17:09 - 2015-06-19 17:09 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Turbo Lister Backup
2015-06-19 17:09 - 2015-06-19 17:09 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Trademark
2015-06-19 17:09 - 2015-06-19 17:09 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Suppliers Order Request
2015-06-19 17:08 - 2015-06-19 17:08 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Strictlycars
2015-06-19 17:07 - 2015-06-19 17:07 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\sscorp
2015-06-19 17:07 - 2015-06-19 17:07 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Sonkem
2015-06-19 17:06 - 2015-06-19 17:06 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Sealed Beam Instructions
2015-06-19 17:06 - 2015-06-19 17:06 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\RED
2015-06-19 17:06 - 2015-06-19 17:06 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Recipes
2015-06-19 17:06 - 2015-06-19 17:06 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\PWS Medical
2015-06-19 17:06 - 2015-06-19 17:06 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\PROPERTIES
2015-06-19 17:05 - 2015-06-19 17:05 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Porsche Cayenne
2015-06-19 16:51 - 2015-06-25 15:50 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Porsche 911
2015-06-19 16:36 - 2015-06-19 16:36 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\MOM
2015-06-19 16:15 - 2015-06-19 16:16 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Marco 2014
2015-06-19 15:22 - 2015-06-19 15:26 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\kdogsMP3s
2015-06-19 15:21 - 2015-06-19 15:22 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\HofSport Info
2015-06-19 15:21 - 2015-06-19 15:21 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\HofSport Pics
2015-06-19 15:21 - 2015-06-19 15:21 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\GTablet Flash 2013
2015-06-19 15:21 - 2015-06-19 15:21 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Golf Cart
2015-06-19 15:21 - 2015-06-19 15:21 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Gate Remote
2015-06-19 15:21 - 2015-06-19 15:21 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\GATE
2015-06-19 15:20 - 2015-06-19 15:20 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Garage
2015-06-19 15:20 - 2015-06-19 15:20 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Gabi
2015-06-19 14:49 - 2015-06-19 14:50 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\EuroLamps Website BackUp
2015-06-19 14:47 - 2015-06-19 14:49 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\eurolamps
2015-06-19 14:47 - 2015-06-19 14:47 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Estate Planning
2015-06-19 14:46 - 2015-06-19 14:46 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\COBRA
2015-06-19 14:43 - 2015-06-19 14:45 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Cayenne
2015-06-19 14:43 - 2015-06-19 14:43 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\8760
2015-06-19 14:41 - 2015-06-19 14:42 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\DAD
2015-06-19 13:11 - 2015-06-19 13:11 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\AOL
2015-06-19 13:10 - 2015-06-19 13:10 - 00000756 _____ C:\Documents and Settings\All Users\Desktop\AOL Desktop 9.7.lnk
2015-06-19 13:10 - 2015-06-19 13:10 - 00000668 _____ C:\Documents and Settings\All Users\Start Menu\AOL Desktop 9.7.lnk
2015-06-19 13:10 - 2015-06-19 13:10 - 00000000 ____D C:\Documents and Settings\Kris\Application Data\AOL
2015-06-19 13:10 - 2015-06-19 13:10 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AOL
2015-06-19 13:10 - 2015-06-19 13:10 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Macromedia
2015-06-19 13:09 - 2015-06-30 11:31 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-06-19 13:08 - 2015-06-19 13:01 - 00058696 _____ (AOL Inc.) C:\WINDOWS\system32\AOLParconLink.exe
2015-06-19 13:05 - 2015-06-19 13:10 - 00000000 ____D C:\Documents and Settings\Kris\Local Settings\Application Data\AOL
2015-06-19 13:05 - 2015-06-19 13:05 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AOL OCP
2015-06-19 13:05 - 2003-01-10 17:13 - 00033588 ____R (America Online, Inc.) C:\WINDOWS\system32\Drivers\wanatw4.sys
2015-06-19 13:04 - 2015-06-19 13:11 - 00000000 ____D C:\Program Files\AOL Desktop 9.7
2015-06-19 13:04 - 2015-06-19 13:09 - 00000000 ____D C:\Program Files\Common Files\AOL
2015-06-19 13:04 - 2015-06-19 13:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AOL
2015-06-19 13:04 - 2015-06-19 13:07 - 00000000 ____D C:\Program Files\Common Files\aolshare
2015-06-19 13:04 - 2015-06-19 13:04 - 00000000 ____D C:\Program Files\AOL
2015-06-19 13:02 - 2015-06-19 13:10 - 00035022 _____ C:\install.log
2015-06-19 09:23 - 2015-06-19 09:23 - 00000000 ____D C:\Documents and Settings\Default User\Application Data\TuneUp Software
2015-06-19 09:23 - 2015-06-19 09:23 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2015-06-18 12:40 - 2008-04-13 13:47 - 00025856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbprint.sys
2015-06-18 12:40 - 2008-04-13 13:47 - 00025856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2015-06-18 12:07 - 2015-06-30 10:36 - 00000000 ___RD C:\Documents and Settings\Kris\My Documents\Dropbox
2015-06-18 12:07 - 2015-06-18 12:07 - 00000879 _____ C:\Documents and Settings\Kris\Desktop\Dropbox.lnk
2015-06-18 12:05 - 2015-06-18 12:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Dropbox
2015-06-18 12:02 - 2015-06-30 11:07 - 00000892 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-06-18 12:02 - 2015-06-30 10:56 - 00000888 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-06-18 12:02 - 2015-06-18 12:02 - 00000000 ____D C:\Documents and Settings\Kris\Application Data\Dropbox
2015-06-18 12:00 - 2015-06-30 10:35 - 00000000 ____D C:\Documents and Settings\Kris\Local Settings\Application Data\Dropbox
2015-06-18 12:00 - 2015-06-18 12:34 - 00000000 ____D C:\Program Files\Dropbox
2015-06-18 12:00 - 2015-06-18 12:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Dropbox
2015-06-18 11:39 - 2015-06-18 11:40 - 00000000 ____D C:\Documents and Settings\Kris\Local Settings\Application Data\Thunderbird
2015-06-18 11:39 - 2015-06-18 11:39 - 00000000 ____D C:\Documents and Settings\Kris\Application Data\Thunderbird
2015-06-18 11:29 - 2015-06-18 11:29 - 00000000 ____D C:\Program Files\Google
2015-06-18 11:28 - 2015-06-18 11:28 - 00000780 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-06-18 11:28 - 2015-06-18 11:28 - 00000774 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Thunderbird.lnk
2015-06-18 11:27 - 2015-06-18 11:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-18 11:27 - 2015-06-18 11:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla
2015-06-18 11:25 - 2015-06-18 11:28 - 00000000 ____D C:\Program Files\GUM89.tmp
2015-06-18 11:24 - 2015-06-18 11:24 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-30 12:05 - 2010-01-28 01:48 - 00000000 ____D C:\Documents and Settings\Kris\Local Settings\Temp
2015-06-30 11:51 - 2010-01-28 01:42 - 01825900 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-30 11:43 - 2012-02-22 14:04 - 00000178 ___SH C:\Documents and Settings\UpdatusUser\ntuser.ini
2015-06-30 11:35 - 2011-09-15 22:54 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1958367476-725345543-1003UA.job
2015-06-30 11:35 - 2011-09-15 22:54 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1958367476-725345543-1003Core.job
2015-06-30 11:31 - 2011-05-17 11:08 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-06-30 11:31 - 2010-01-28 03:24 - 00000000 ____D C:\Documents and Settings\Kris\Local Settings\Application Data\Adobe
2015-06-30 10:56 - 2011-09-27 12:09 - 00000276 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1645522239-1958367476-725345543-1003.job
2015-06-30 10:56 - 2004-08-04 08:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2015-06-30 10:55 - 2010-01-28 01:47 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-30 10:54 - 2010-01-28 01:48 - 00000178 ___SH C:\Documents and Settings\Kris\ntuser.ini
2015-06-30 10:54 - 2010-01-28 01:47 - 00032560 _____ C:\WINDOWS\SchedLgU.Txt
2015-06-30 10:52 - 2011-08-25 12:14 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\CCleanerBackups
2015-06-30 10:52 - 2010-01-28 01:48 - 00000000 ____D C:\Documents and Settings\Kris
2015-06-29 08:30 - 2010-10-29 16:30 - 00000000 ____D C:\WINDOWS\system32\Drivers\AVG
2015-06-28 14:29 - 2008-12-31 20:23 - 00000000 ____D C:\WINDOWS\twain_32
2015-06-28 14:29 - 2008-12-31 20:23 - 00000000 ____D C:\WINDOWS\Media
2015-06-26 11:33 - 2011-10-27 08:32 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\FrostWire
2015-06-26 11:27 - 2011-10-27 08:32 - 00000000 ____D C:\Documents and Settings\Kris\.frostwire5
2015-06-26 11:20 - 2011-10-27 08:32 - 00000000 ____D C:\Program Files\FrostWire 5
2015-06-24 17:08 - 2011-03-04 02:27 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-06-24 16:24 - 2011-08-25 12:15 - 00000000 ____D C:\WINDOWS\pss
2015-06-24 16:24 - 2008-12-31 20:27 - 00000223 __RSH C:\boot.ini
2015-06-24 16:24 - 2004-08-04 08:00 - 00000573 _____ C:\WINDOWS\win.ini
2015-06-24 16:24 - 2004-08-04 08:00 - 00000227 _____ C:\WINDOWS\system.ini
2015-06-23 17:13 - 2010-01-28 01:52 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-06-23 16:12 - 2010-01-28 03:25 - 00000000 ____D C:\Program Files\Adobe
2015-06-23 16:07 - 2011-07-14 14:32 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-06-23 12:14 - 2011-09-27 12:09 - 00000284 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1645522239-1958367476-725345543-1003.job
2015-06-23 12:08 - 2010-04-22 23:58 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-22 15:37 - 2011-09-15 22:55 - 00002277 _____ C:\Documents and Settings\Kris\Desktop\Google Chrome.lnk
2015-06-21 21:35 - 2012-01-03 21:41 - 00000000 ____D C:\Documents and Settings\Kris\Application Data\BitTorrent
2015-06-21 21:34 - 2011-09-27 12:13 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2015-06-21 21:34 - 2011-08-25 12:12 - 00000000 ____D C:\Program Files\CCleaner
2015-06-21 21:34 - 2011-08-25 12:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2015-06-19 16:13 - 2010-01-28 03:15 - 00156160 _____ C:\Documents and Settings\Kris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-19 16:08 - 2012-02-29 01:38 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\CPA_VA
2015-06-19 16:08 - 2012-02-29 01:29 - 00000000 ____D C:\Program Files\Comodo
2015-06-19 16:08 - 2012-02-29 01:29 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Comodo
2015-06-19 14:41 - 2011-06-22 10:32 - 00000000 ____D C:\Documents and Settings\Kris\My Documents\Bulb Photos
2015-06-19 13:10 - 2010-01-28 01:43 - 00316640 _____ C:\WINDOWS\WMSysPr9.prx
2015-06-19 13:01 - 2010-04-22 23:58 - 00000335 _____ C:\WINDOWS\nsreg.dat
2015-06-19 13:01 - 2010-04-22 23:58 - 00000000 ____D C:\Documents and Settings\Kris\Application Data\Mozilla
2015-06-19 09:24 - 2010-10-29 16:07 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2015-06-19 09:23 - 2011-10-19 15:49 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
2015-06-19 09:22 - 2011-12-22 16:44 - 00000000 ___HD C:\$AVG
2015-06-18 12:39 - 2011-10-19 22:10 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
2015-06-18 12:38 - 2010-01-28 01:56 - 00044528 _____ C:\Documents and Settings\Kris\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-06-18 12:00 - 2008-12-31 20:23 - 00000000 ____D C:\WINDOWS\Help
2015-06-18 11:36 - 2011-09-15 22:55 - 00000000 ____D C:\Documents and Settings\Kris\Start Menu\Programs\Google Chrome
2015-06-18 11:19 - 2011-10-22 02:19 - 00292700 _____ C:\WINDOWS\system32\nvdrsdb0.bin
2015-06-18 11:19 - 2011-10-22 02:19 - 00000001 _____ C:\WINDOWS\system32\nvdrssel.bin
2015-06-18 11:19 - 2008-12-31 20:33 - 00508956 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-18 11:18 - 2011-10-22 02:19 - 00292700 _____ C:\WINDOWS\system32\nvdrsdb1.bin
2015-06-18 11:12 - 2008-12-31 20:30 - 00196160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
 
==================== Files in the root of some directories =======
 
2015-06-28 20:17 - 2015-06-29 09:44 - 0000467 _____ () C:\Documents and Settings\Kris\Application Data\burnaware.ini
2010-01-28 03:15 - 2015-06-19 16:13 - 0156160 _____ () C:\Documents and Settings\Kris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-30 11:31 - 2015-06-30 11:31 - 0026900 _____ () C:\Documents and Settings\Kris\Local Settings\Application Data\dt.dat
2011-10-07 21:50 - 2011-10-07 21:50 - 0002848 _____ () C:\Documents and Settings\Kris\Local Settings\Application Data\HWVendorDetection.log
 
Some files in TEMP:
====================
C:\Documents and Settings\Kris\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4gqowa.dll
C:\Documents and Settings\Kris\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Kris\Local Settings\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End of log ============================

 

 


#2 nasdaq


Posted 05 July 2015 - 08:20 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.


start

CreateRestorePoint:
CloseProcesses:

CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

How is the computer running now?

#3 boostedfox


Posted 05 July 2015 - 08:12 PM

Hi Nasdaq, thank you very much for the reply. I was contacted by "thisisu" and an update was made to JRT; after the update it worked correctly. Computer is running very well now.

 

Thank you again!



#4 nasdaq


Posted 06 July 2015 - 07:37 AM

If all is well.

To learn more about how to protect yourself while on the internet, read this little guide: best security practices, keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#5 nasdaq


Posted 11 July 2015 - 08:32 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



