bryantkeefe

Everything posted by bryantkeefe

  1. Thanks for replying. I have contacted a repair person and I am letting them fix it. Appreciate your time.
  2. Still broke down. Have run every possible fix and no luck. Any ideas?
  3. Still going to black with cursor only. Log below.
- (Size=189 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=15 GB) - (Type=12) ==================================================================== Disk: 1 (Size: 253 MB) (Disk ID: 0D0C0B0A) Partition 1: (Active) - (Size=253 MB) - (Type=06) Last Boot: 2013-05-04 08:30 ==================== End Of Log ============================
  4. Rebooting now

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-05-2013 02
Ran by SYSTEM at 2013-05-06 12:27:30 Run:3
Running from G:\
Boot Mode: Recovery
==============================================
HKEY_USERS\BryantKeefe\Software\Microsoft\Windows\CurrentVersion\Run\\RegistryKit v2.0 => Value not found.
HKEY_USERS\BryantKeefe\Software\Microsoft\Windows\CurrentVersion\Run\\RegistryKit Reminder v2.0 => Value not found.
==== End of Fixlog ====
  5. Not starting past black screen. New scan below:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2013 02
Ran by SYSTEM on 06-05-2013 10:14:58
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet002
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2011-07-28] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-07-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2011-07-28] (Lenovo)
HKLM\...\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-15] (Synaptics Incorporated) HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation) HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-05-25] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro) HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-07-28] (Lenovo) HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup [655360 2012-09-25] () HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4394032 2013-03-13] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide [2793304 2009-10-14] () HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [228448 2011-01-28] (CyberLink Corp.) 
HKLM-x32\...\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [136488 2011-01-28] (CyberLink) HKLM-x32\...\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe /run [383344 2010-12-13] (Egis Technology Inc. ) HKLM-x32\...\Run: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [222504 2010-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [364400 2010-10-22] (Egis Technology Inc. ) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.) HKLM-x32\...\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [202096 2010-11-05] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [407920 2010-11-05] (Egis Technology Inc.) HKU\BryantKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.) HKU\BryantKeefe\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19357112 2013-03-07] (Google) HKU\BryantKeefe\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com) HKU\BryantKeefe\...\Run: [Google Update] "C:\Users\BryantKeefe\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-02-16] (Google Inc.) 
HKU\BryantKeefe\...\Run: [GoogleChromeAutoLaunch_396D1C86E4D946F333C66A812C053E66] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window [1312720 2013-04-09] (Google Inc.) HKU\BryantKeefe\...\Run: [ROC_ROC_APR2013_AV] C:\Users\BryantKeefe\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 52b1eb98523547d197972197b79054a5-0d1704d861aa73c8e370fa11febc830e50eae3e6 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x] HKU\BryantKeefe\...\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [247768 2012-08-28] (TomTom) HKU\BryantKeefe\...\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18643048 2013-02-28] (Skype Technologies S.A.) HKU\BryantKeefe\...\Run: [RegistryKit v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [x] HKU\BryantKeefe\...\Run: [RegistryKit Reminder v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [x] HKU\EdwardKeefe\...\Run: [best Buy pc app] C:\Users\EdwardKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x] HKU\EdwardKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.) HKU\EdwardKeefe\...\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex [706776 2013-03-13] (Adobe Systems Incorporated) Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter Startup: C:\ProgramData\Start Menu\Programs\Startup\MozyHome Status.lnk ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.) 
Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) ==================== Services (Whitelisted) ================= S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com) S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-02-27] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [282624 2013-02-19] (AVG Technologies CZ, s.r.o.) S2 CxAudMsg; C:\windows\system32\CxAudMsg64.exe [198784 2010-12-17] (Conexant Systems Inc.) S2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8498608 2012-04-10] (DisplayLink Corp.) S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. 
) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54672 2012-11-09] (Mozy, Inc.) S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2012-04-13] () S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x] ==================== Drivers (Whitelisted) ==================== S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-02-26] (AVG Technologies CZ, s.r.o.) S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.) S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.) S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.) S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.) S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.) S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [239416 2013-02-14] (AVG Technologies CZ, s.r.o.) S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys [17408 2012-11-11] (http://libusb-win32.sourceforge.net) S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67368 2012-11-09] (Mozy, Inc.) 
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation) S3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation) S3 BcmSqlStartupSvc; S1 BPntDrv; system32\drivers\BPntDrv.sys [x] S2 CLKMSVC10_3A60B698; S2 CLKMSVC10_C3B3B687; S3 dfg; System32\DRIVERS\dfg.sys [x] S2 DriverService; S0 fbfmon; system32\drivers\fbfmon.sys [x] S2 IAStorDataMgrSvc; S2 iATAgentService; S2 idealife Update Service; S3 IGRS; S2 IviRegMgr; S2 nvUpdatusService; S2 Oasis2Service; S2 PCCarerService; S2 ReadyComm.DirectRouter; S2 RichVideo; S2 RtLedService; S2 SeaPort; S2 SoftwareService; S3 SQLWriter; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST 2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini 2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe 2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk 2013-05-05 14:51 - 2008-12-09 23:16 - 00023552 ____A (defrag Development Team) C:\Windows\SysWOW64\Drivers\dfg.sys 2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp 2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp 2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes 2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp 2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes 
Anti-Malware.lnk 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-05-05 07:48 - 2013-04-04 13:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle 2013-05-05 07:12 - 2013-05-05 12:01 - 00000000 ____D C:\Windows\pss 2013-05-05 04:48 - 2013-05-05 04:49 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp 2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics 2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics 2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts 2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics 2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales 2013-04-25 06:40 - 2012-11-09 09:56 - 00067368 ____A (Mozy, Inc.) 
C:\Windows\System32\Drivers\mozy.sys 2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics 2013-04-24 03:17 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys 2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics 2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip 2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv 2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx 2013-04-19 12:07 - 2013-04-19 12:08 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip 2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip 2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv 2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv 2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv 2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv 2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv 2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv 2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv 2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv 2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv 2013-04-18 15:31 - 2013-04-18 15:33 - 00029549 ____A 
C:\Users\BryantKeefe\Downloads\MedicalMastery.csv 2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv 2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv 2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics 2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv 2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv 2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html 2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html 2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls 2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-04-10 01:02 - 2013-02-21 22:57 - 17817088 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-04-10 01:02 - 2013-02-21 22:29 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-04-10 01:02 - 2013-02-21 22:27 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-04-10 01:02 - 2013-02-21 22:21 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-04-10 01:02 - 2013-02-21 22:20 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-04-10 01:02 - 2013-02-21 22:19 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-04-10 01:02 - 2013-02-21 22:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-04-10 01:02 - 2013-02-21 22:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-04-10 01:02 - 2013-02-21 22:15 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-04-10 01:02 - 2013-02-21 
22:15 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-04-10 01:02 - 2013-02-21 22:15 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-04-10 01:02 - 2013-02-21 22:14 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-04-10 01:02 - 2013-02-21 22:13 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-04-10 01:02 - 2013-02-21 22:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-04-10 01:02 - 2013-02-21 22:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-04-10 01:02 - 2013-02-21 22:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-04-10 01:02 - 2013-02-21 20:05 - 12324352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-04-10 01:02 - 2013-02-21 19:47 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-04-10 01:02 - 2013-02-21 19:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-04-10 01:02 - 2013-02-21 19:38 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-04-10 01:02 - 2013-02-21 19:38 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-04-10 01:02 - 2013-02-21 19:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-04-10 01:02 - 2013-02-21 19:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-04-10 01:02 - 2013-02-21 19:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-04-10 01:02 - 2013-02-21 19:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-04-10 01:02 - 2013-02-21 19:34 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-04-10 01:02 - 2013-02-21 19:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-04-10 01:02 - 2013-02-21 19:33 - 00607744 ____A (Microsoft 
Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-04-10 01:02 - 2013-02-21 19:32 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-04-10 01:02 - 2013-02-21 19:31 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-04-10 01:02 - 2013-02-21 19:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-04-10 01:02 - 2013-02-21 19:28 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-04-09 23:58 - 2013-02-28 19:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2013-04-09 23:57 - 2013-02-14 22:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll 2013-04-09 23:57 - 2013-02-14 22:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll 2013-04-09 23:57 - 2013-02-14 22:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll 2013-04-09 23:57 - 2013-02-14 20:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2013-04-09 23:57 - 2013-02-14 20:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2013-04-09 23:57 - 2013-02-14 19:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2013-04-09 23:57 - 2013-01-23 22:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys 2013-04-09 23:56 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2013-04-09 23:56 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll 2013-04-09 23:56 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-04-09 23:56 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-04-09 23:56 - 2013-03-18 20:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2013-04-09 23:56 - 2013-03-18 19:06 - 00112640 ____A (Microsoft Corporation) 
C:\Windows\System32\smss.exe 2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp ==================== One Month Modified Files and Folders ======= 2013-05-06 09:09 - 2011-07-28 16:11 - 00110710 ____A C:\Windows\System32\fastboot.set 2013-05-06 09:09 - 2011-07-28 15:44 - 01863923 ____A C:\FaceProv.log 2013-05-06 09:09 - 2010-11-20 19:47 - 00095752 ____A C:\Windows\PFRO.log 2013-05-06 09:09 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-05-06 09:09 - 2009-07-13 20:51 - 00069822 ____A C:\Windows\setupact.log 2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST 2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini 2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe 2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk 2013-05-05 14:50 - 2009-07-13 21:13 - 00779306 ____A C:\Windows\System32\PerfStringBackup.INI 2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp 2013-05-05 14:45 - 2013-02-12 04:58 - 371745274 ____A C:\Windows\MEMORY.DMP 2013-05-05 14:45 - 2013-02-12 04:58 - 00000000 ____D C:\Windows\Minidump 2013-05-05 14:38 - 2011-07-28 14:57 - 01201659 ____A C:\Windows\WindowsUpdate.log 2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp 2013-05-05 12:01 - 2013-05-05 07:12 - 00000000 ____D C:\Windows\pss 2013-05-05 11:24 - 2011-07-28 16:04 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes 2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp 2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D 
C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle 2013-05-05 07:43 - 2011-10-04 16:30 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Local\Google 2013-05-05 07:27 - 2013-02-10 11:48 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs 2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-05-05 07:18 - 2012-11-22 08:18 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\Htc 2013-05-05 07:18 - 2012-11-12 15:11 - 00000000 ___SD C:\Users\BryantKeefe\Google Drive 2013-05-05 07:16 - 2011-07-28 15:44 - 00000000 ____D C:\ProgramData\VeriFace 2013-05-05 07:03 - 2012-12-30 18:20 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\CrashDumps 2013-05-05 06:58 - 2011-07-28 16:04 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-05-05 06:46 - 2012-11-12 04:18 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-05-05 06:31 - 2013-03-05 13:20 - 00000932 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003UA.job 2013-05-05 05:57 - 2012-11-09 09:56 - 00006372 ____A C:\Windows\mozy.flt 2013-05-05 05:57 - 2012-11-09 09:56 - 00005256 ____A C:\Windows\mozy.blk 2013-05-05 05:51 - 2012-11-18 15:58 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Skype 2013-05-05 04:49 - 2013-05-05 04:48 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp 2013-05-04 17:22 - 2012-02-20 17:45 - 00000000 ____D C:\ProgramData\MFAData 2013-05-04 17:04 - 2013-03-05 13:20 - 00000880 ____A 
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003Core.job 2013-05-03 10:59 - 2012-11-26 10:16 - 00000000 ____D C:\Users\BryantKeefe\Documents\FairwayStuff 2013-05-02 17:13 - 2012-11-23 13:56 - 00000000 ____D C:\Users\BryantKeefe\Documents\Outlook Files 2013-05-02 09:53 - 2012-11-19 10:56 - 00061304 ____A C:\Users\BryantKeefe\g2mdlhlpx.exe 2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics 2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics 2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts 2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics 2013-04-30 10:27 - 2012-11-11 04:31 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Mozilla 2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales 2013-04-29 12:41 - 2011-11-15 12:41 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-04-25 06:40 - 2012-11-27 16:05 - 00000000 ____D C:\Program Files\MozyHome 2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics 2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics 2013-04-23 05:58 - 2011-07-28 15:35 - 00000000 ____D C:\ProgramData\Adobe 2013-04-23 05:57 - 2012-11-12 04:18 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-04-23 05:57 - 2012-02-20 17:39 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip 2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv 2013-04-19 16:15 - 
2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx 2013-04-19 12:08 - 2013-04-19 12:07 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip 2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip 2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv 2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv 2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv 2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv 2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv 2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv 2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv 2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv 2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv 2013-04-18 15:33 - 2013-04-18 15:31 - 00029549 ____A C:\Users\BryantKeefe\Downloads\MedicalMastery.csv 2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv 2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv 2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics 2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv 2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv 2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html 2013-04-17 16:18 - 2013-04-17 16:18 - 
00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html 2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls 2013-04-13 06:40 - 2009-07-13 21:08 - 00032586 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2013-04-13 06:39 - 2012-11-11 04:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-04-12 06:45 - 2013-04-24 03:17 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys 2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-04-11 04:59 - 2011-07-28 16:04 - 00002183 ____A C:\Users\Public\Desktop\Internet Browser.lnk 2013-04-10 05:52 - 2009-07-13 20:45 - 00366616 ____A C:\Windows\System32\FNTCACHE.DAT 2013-04-10 01:04 - 2011-11-15 08:16 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-04-10 01:02 - 2012-11-23 13:14 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-04-09 11:47 - 2013-03-26 07:20 - 00000000 ____D C:\Users\BryantKeefe\Documents\100Calls 2013-04-09 07:38 - 2012-11-10 16:55 - 00000000 ____D C:\users\BryantKeefe 2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp 2013-04-06 01:23 - 2011-11-15 12:41 - 00000000 ____D C:\ProgramData\Skype ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit 
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================
Restore point made on: 2013-04-17 17:08:30
Restore point made on: 2013-04-18 17:04:08
Restore point made on: 2013-04-24 05:29:09
Restore point made on: 2013-04-24 16:38:51
Restore point made on: 2013-04-25 06:40:07
Restore point made on: 2013-04-25 19:28:55
Restore point made on: 2013-04-26 16:48:27
Restore point made on: 2013-05-02 16:51:18
Restore point made on: 2013-05-03 10:11:49
Restore point made on: 2013-05-04 07:23:15
Restore point made on: 2013-05-05 05:56:28

==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 3686.11 MB
Available physical RAM: 3077.16 MB
Total Pagefile: 3684.31 MB
Available Pagefile: 3077.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:188.94 GB) (Free:41.46 GB) NTFS (Disk=0 Partition=2)
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.17 GB) NTFS (Disk=0 Partition=4)
Drive g: () (Removable) (Total:0.25 GB) (Free:0.24 GB) FAT (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)]

Disk ###  Status         Size     Free     Dyn  Gpt
--------  -------------  -------  -------  ---  ---
Disk 0    Online          232 GB  1024 KB
Disk 1    Online          253 MB      0 B

Partitions of Disk 0:
===============
Disk ID: 7C037A3B

Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary            200 MB  1024 KB
Partition 2    Primary            188 GB   201 MB
Partition 0    Extended            28 GB   189 GB
Partition 4    Logical             28 GB   189 GB
Partition 3    OEM                 14 GB   218 GB

==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1   Y                NTFS   Partition    200 MB  Healthy

=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2   C                NTFS   Partition    188 GB  Healthy

=========================================================
Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3   D   LENOVO       NTFS   Partition     28 GB  Healthy

=========================================================
Disk: 0
Partition 3
Type : 12
Hidden: Yes
Active: No

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 5       LENOVO_PART  NTFS   Partition     14 GB  Healthy    Hidden

=========================================================

Partitions of Disk 1:
===============
Disk ID: 0D0C0B0A

Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary            252 MB    16 KB

==================================================================================
Disk: 1
Partition 1
Type : 06
Hidden: No
Active: Yes

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4   G                FAT    Removable    252 MB  Healthy

=========================================================

============================== MBR & Partition Table ==================

====================================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 7C037A3B)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=189 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)

====================================================================
Disk: 1 (Size: 253 MB) (Disk ID: 0D0C0B0A)
Partition 1: (Active) - (Size=253 MB) - (Type=06)

Last Boot: 2013-05-04 08:30

==================== End Of Log ============================
  6. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-05-2013 02
Ran by SYSTEM at 2013-05-06 10:08:00 Run:2
Running from G:\
Boot Mode: Recovery
==============================================
HKEY_USERS\BryantKeefe\Software\Microsoft\Windows\CurrentVersion\Run\\RegistryKit v2.0 => Value not found.
HKEY_USERS\BryantKeefe\Software\Microsoft\Windows\CurrentVersion\Run\\RegistryKit Reminder v2.0 => Value not found.
C:\Program Files (x86)\Registry Kit => Moved successfully.
==== End of Fixlog ====
  7. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2013 02 Ran by SYSTEM on 06-05-2013 09:36:58 Running from G:\ Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Recovery The current controlset is ControlSet002 ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2011-07-28] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-07-28] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2011-07-28] (Lenovo) HKLM\...\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [112512 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-09-04] (CANON INC.) HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-15] (Synaptics Incorporated) HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation) HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-05-25] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro) HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-07-28] (Lenovo) HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup [655360 2012-09-25] () HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4394032 2013-03-13] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide [2793304 2009-10-14] () HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [228448 2011-01-28] (CyberLink Corp.) HKLM-x32\...\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [136488 2011-01-28] (CyberLink) HKLM-x32\...\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe /run [383344 2010-12-13] (Egis Technology Inc. ) HKLM-x32\...\Run: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [222504 2010-07-26] (CyberLink Corp.) 
HKLM-x32\...\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [364400 2010-10-22] (Egis Technology Inc. ) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.) HKLM-x32\...\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [202096 2010-11-05] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [407920 2010-11-05] (Egis Technology Inc.) HKU\BryantKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.) HKU\BryantKeefe\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19357112 2013-03-07] (Google) HKU\BryantKeefe\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com) HKU\BryantKeefe\...\Run: [Google Update] "C:\Users\BryantKeefe\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-02-16] (Google Inc.) HKU\BryantKeefe\...\Run: [GoogleChromeAutoLaunch_396D1C86E4D946F333C66A812C053E66] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window [1312720 2013-04-09] (Google Inc.) HKU\BryantKeefe\...\Run: [ROC_ROC_APR2013_AV] C:\Users\BryantKeefe\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 52b1eb98523547d197972197b79054a5-0d1704d861aa73c8e370fa11febc830e50eae3e6 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x] HKU\BryantKeefe\...\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [247768 2012-08-28] (TomTom) HKU\BryantKeefe\...\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18643048 2013-02-28] (Skype Technologies S.A.) 
HKU\BryantKeefe\...\Run: [RegistryKit v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [172200 2012-09-17] () HKU\BryantKeefe\...\Run: [RegistryKit Reminder v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [172200 2012-09-17] () HKU\EdwardKeefe\...\Run: [best Buy pc app] C:\Users\EdwardKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x] HKU\EdwardKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.) HKU\EdwardKeefe\...\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex [706776 2013-03-13] (Adobe Systems Incorporated) Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter Startup: C:\ProgramData\Start Menu\Programs\Startup\MozyHome Status.lnk ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.) Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) ==================== Services 
(Whitelisted) ================= S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com) S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-02-27] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [282624 2013-02-19] (AVG Technologies CZ, s.r.o.) S2 CxAudMsg; C:\windows\system32\CxAudMsg64.exe [198784 2010-12-17] (Conexant Systems Inc.) S2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8498608 2012-04-10] (DisplayLink Corp.) S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. ) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54672 2012-11-09] (Mozy, Inc.) S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2012-04-13] () S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x] ==================== Drivers (Whitelisted) ==================== S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-02-26] (AVG Technologies CZ, s.r.o.) S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.) S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.) S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.) S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.) S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.) 
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [239416 2013-02-14] (AVG Technologies CZ, s.r.o.) S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys [17408 2012-11-11] (http://libusb-win32.sourceforge.net) S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67368 2012-11-09] (Mozy, Inc.) S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation) S3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation) S3 BcmSqlStartupSvc; S1 BPntDrv; system32\drivers\BPntDrv.sys [x] S2 CLKMSVC10_3A60B698; S2 CLKMSVC10_C3B3B687; S3 dfg; System32\DRIVERS\dfg.sys [x] S2 DriverService; S0 fbfmon; system32\drivers\fbfmon.sys [x] S2 IAStorDataMgrSvc; S2 iATAgentService; S2 idealife Update Service; S3 IGRS; S2 IviRegMgr; S2 nvUpdatusService; S2 Oasis2Service; S2 PCCarerService; S2 ReadyComm.DirectRouter; S2 RichVideo; S2 RtLedService; S2 SeaPort; S2 SoftwareService; S3 SQLWriter; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST 2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini 2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe 2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk 2013-05-05 14:51 
- 2013-05-05 14:51 - 00000000 ____D C:\Program Files (x86)\Registry Kit 2013-05-05 14:51 - 2008-12-09 23:16 - 00023552 ____A (defrag Development Team) C:\Windows\SysWOW64\Drivers\dfg.sys 2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp 2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp 2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes 2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp 2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-05-05 07:48 - 2013-04-04 13:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle 2013-05-05 07:12 - 2013-05-05 12:01 - 00000000 ____D C:\Windows\pss 2013-05-05 04:48 - 2013-05-05 04:49 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp 2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics 2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics 2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts 2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics 2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales 2013-04-25 06:40 - 2012-11-09 09:56 - 00067368 ____A (Mozy, Inc.) 
C:\Windows\System32\Drivers\mozy.sys 2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics 2013-04-24 03:17 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys 2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics 2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip 2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv 2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx 2013-04-19 12:07 - 2013-04-19 12:08 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip 2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip 2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv 2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv 2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv 2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv 2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv 2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv 2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv 2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv 2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv 2013-04-18 15:31 - 2013-04-18 15:33 - 00029549 ____A 
C:\Users\BryantKeefe\Downloads\MedicalMastery.csv 2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv 2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv 2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics 2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv 2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv 2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html 2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html 2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls 2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-04-10 01:02 - 2013-02-21 22:57 - 17817088 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-04-10 01:02 - 2013-02-21 22:29 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-04-10 01:02 - 2013-02-21 22:27 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-04-10 01:02 - 2013-02-21 22:21 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-04-10 01:02 - 2013-02-21 22:20 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-04-10 01:02 - 2013-02-21 22:19 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-04-10 01:02 - 2013-02-21 22:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-04-10 01:02 - 2013-02-21 22:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-04-10 01:02 - 2013-02-21 22:15 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-04-10 01:02 - 2013-02-21 
22:15 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-04-10 01:02 - 2013-02-21 22:15 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-04-10 01:02 - 2013-02-21 22:14 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-04-10 01:02 - 2013-02-21 22:13 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-04-10 01:02 - 2013-02-21 22:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-04-10 01:02 - 2013-02-21 22:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-04-10 01:02 - 2013-02-21 22:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-04-10 01:02 - 2013-02-21 20:05 - 12324352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-04-10 01:02 - 2013-02-21 19:47 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-04-10 01:02 - 2013-02-21 19:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-04-10 01:02 - 2013-02-21 19:38 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-04-10 01:02 - 2013-02-21 19:38 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-04-10 01:02 - 2013-02-21 19:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-04-10 01:02 - 2013-02-21 19:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-04-10 01:02 - 2013-02-21 19:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-04-10 01:02 - 2013-02-21 19:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-04-10 01:02 - 2013-02-21 19:34 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-04-10 01:02 - 2013-02-21 19:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-04-10 01:02 - 2013-02-21 19:33 - 00607744 ____A (Microsoft 
Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-04-10 01:02 - 2013-02-21 19:32 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-04-10 01:02 - 2013-02-21 19:31 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-04-10 01:02 - 2013-02-21 19:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-04-10 01:02 - 2013-02-21 19:28 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-04-09 23:58 - 2013-02-28 19:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2013-04-09 23:57 - 2013-02-14 22:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll 2013-04-09 23:57 - 2013-02-14 22:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll 2013-04-09 23:57 - 2013-02-14 22:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll 2013-04-09 23:57 - 2013-02-14 20:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2013-04-09 23:57 - 2013-02-14 20:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2013-04-09 23:57 - 2013-02-14 19:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2013-04-09 23:57 - 2013-01-23 22:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys 2013-04-09 23:56 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2013-04-09 23:56 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll 2013-04-09 23:56 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-04-09 23:56 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-04-09 23:56 - 2013-03-18 20:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2013-04-09 23:56 - 2013-03-18 19:06 - 00112640 ____A (Microsoft Corporation) 
C:\Windows\System32\smss.exe 2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp ==================== One Month Modified Files and Folders ======= 2013-05-06 08:22 - 2011-07-28 16:11 - 00110710 ____A C:\Windows\System32\fastboot.set 2013-05-06 08:22 - 2011-07-28 15:44 - 01861864 ____A C:\FaceProv.log 2013-05-06 08:22 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-05-06 08:21 - 2010-11-20 19:47 - 00095462 ____A C:\Windows\PFRO.log 2013-05-06 08:21 - 2009-07-13 20:51 - 00069766 ____A C:\Windows\setupact.log 2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST 2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini 2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe 2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk 2013-05-05 14:51 - 2013-05-05 14:51 - 00000000 ____D C:\Program Files (x86)\Registry Kit 2013-05-05 14:50 - 2009-07-13 21:13 - 00779306 ____A C:\Windows\System32\PerfStringBackup.INI 2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp 2013-05-05 14:45 - 2013-02-12 04:58 - 371745274 ____A C:\Windows\MEMORY.DMP 2013-05-05 14:45 - 2013-02-12 04:58 - 00000000 ____D C:\Windows\Minidump 2013-05-05 14:38 - 2011-07-28 14:57 - 01201659 ____A C:\Windows\WindowsUpdate.log 2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp 2013-05-05 12:01 - 2013-05-05 07:12 - 00000000 ____D C:\Windows\pss 2013-05-05 11:24 - 2011-07-28 16:04 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes 2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp 2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes 
Anti-Malware.lnk 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle 2013-05-05 07:43 - 2011-10-04 16:30 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Local\Google 2013-05-05 07:27 - 2013-02-10 11:48 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs 2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-05-05 07:18 - 2012-11-22 08:18 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\Htc 2013-05-05 07:18 - 2012-11-12 15:11 - 00000000 ___SD C:\Users\BryantKeefe\Google Drive 2013-05-05 07:16 - 2011-07-28 15:44 - 00000000 ____D C:\ProgramData\VeriFace 2013-05-05 07:03 - 2012-12-30 18:20 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\CrashDumps 2013-05-05 06:58 - 2011-07-28 16:04 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-05-05 06:46 - 2012-11-12 04:18 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-05-05 06:31 - 2013-03-05 13:20 - 00000932 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003UA.job 2013-05-05 05:57 - 2012-11-09 09:56 - 00006372 ____A C:\Windows\mozy.flt 2013-05-05 05:57 - 2012-11-09 09:56 - 00005256 ____A C:\Windows\mozy.blk 2013-05-05 05:51 - 2012-11-18 15:58 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Skype 2013-05-05 04:49 - 2013-05-05 04:48 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp 2013-05-04 17:22 - 2012-02-20 17:45 - 00000000 ____D C:\ProgramData\MFAData 
2013-05-04 17:04 - 2013-03-05 13:20 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003Core.job 2013-05-03 10:59 - 2012-11-26 10:16 - 00000000 ____D C:\Users\BryantKeefe\Documents\FairwayStuff 2013-05-02 17:13 - 2012-11-23 13:56 - 00000000 ____D C:\Users\BryantKeefe\Documents\Outlook Files 2013-05-02 09:53 - 2012-11-19 10:56 - 00061304 ____A C:\Users\BryantKeefe\g2mdlhlpx.exe 2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics 2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics 2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts 2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics 2013-04-30 10:27 - 2012-11-11 04:31 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Mozilla 2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales 2013-04-29 12:41 - 2011-11-15 12:41 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-04-25 06:40 - 2012-11-27 16:05 - 00000000 ____D C:\Program Files\MozyHome 2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics 2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics 2013-04-23 05:58 - 2011-07-28 15:35 - 00000000 ____D C:\ProgramData\Adobe 2013-04-23 05:57 - 2012-11-12 04:18 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-04-23 05:57 - 2012-02-20 17:39 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip 2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A 
C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv 2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx 2013-04-19 12:08 - 2013-04-19 12:07 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip 2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip 2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv 2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv 2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv 2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv 2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv 2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv 2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv 2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv 2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv 2013-04-18 15:33 - 2013-04-18 15:31 - 00029549 ____A C:\Users\BryantKeefe\Downloads\MedicalMastery.csv 2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv 2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv 2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics 2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv 2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv 2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A 
C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html 2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html 2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls 2013-04-13 06:40 - 2009-07-13 21:08 - 00032586 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2013-04-13 06:39 - 2012-11-11 04:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-04-12 06:45 - 2013-04-24 03:17 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys 2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-04-11 04:59 - 2011-07-28 16:04 - 00002183 ____A C:\Users\Public\Desktop\Internet Browser.lnk 2013-04-10 05:52 - 2009-07-13 20:45 - 00366616 ____A C:\Windows\System32\FNTCACHE.DAT 2013-04-10 01:04 - 2011-11-15 08:16 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-04-10 01:02 - 2012-11-23 13:14 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-04-09 11:47 - 2013-03-26 07:20 - 00000000 ____D C:\Users\BryantKeefe\Documents\100Calls 2013-04-09 07:38 - 2012-11-10 16:55 - 00000000 ____D C:\users\BryantKeefe 2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp 2013-04-06 01:23 - 2011-11-15 12:41 - 00000000 ____D C:\ProgramData\Skype ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit 
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-04-17 17:08:30
Restore point made on: 2013-04-18 17:04:08
Restore point made on: 2013-04-24 05:29:09
Restore point made on: 2013-04-24 16:38:51
Restore point made on: 2013-04-25 06:40:07
Restore point made on: 2013-04-25 19:28:55
Restore point made on: 2013-04-26 16:48:27
Restore point made on: 2013-05-02 16:51:18
Restore point made on: 2013-05-03 10:11:49
Restore point made on: 2013-05-04 07:23:15
Restore point made on: 2013-05-05 05:56:28
==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 3686.11 MB
Available physical RAM: 3076.62 MB
Total Pagefile: 3684.31 MB
Available Pagefile: 3077.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:188.94 GB) (Free:41.46 GB) NTFS (Disk=0 Partition=2)
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.17 GB) NTFS (Disk=0 Partition=4)
Drive g: () (Removable) (Total:0.25 GB) (Free:0.24 GB) FAT (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)]
  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          232 GB  1024 KB
  Disk 1    Online          253 MB      0 B
Partitions of Disk 0:
===============
Disk ID: 7C037A3B
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            200 MB  1024 KB
  Partition 2    Primary            188 GB   201 MB
  Partition 0    Extended            28 GB   189 GB
  Partition 4    Logical             28 GB   189 GB
  Partition 3    OEM                 14 GB   218 GB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     Y                NTFS   Partition    200 MB  Healthy
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C                NTFS   Partition    188 GB  Healthy
=========================================================
Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     D   LENOVO       NTFS   Partition     28 GB  Healthy
=========================================================
Disk: 0
Partition 3
Type : 12
Hidden: Yes
Active: No
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 5         LENOVO_PART  NTFS   Partition     14 GB  Healthy    Hidden
=========================================================
Partitions of Disk 1:
===============
Disk ID: 0D0C0B0A
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            252 MB    16 KB
==================================================================================
Disk: 1
Partition 1
Type : 06
Hidden: No
Active: Yes
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4     G                FAT    Removable    252 MB  Healthy
=========================================================
============================== MBR & Partition Table ==================
====================================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 7C037A3B)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=189 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)
====================================================================
Disk: 1 (Size: 253 MB) (Disk ID: 0D0C0B0A)
Partition 1: (Active) - (Size=253 MB) - (Type=06)
Last Boot: 2013-05-04 08:30
==================== End Of Log ============================
  8. Computer is frozen at black screen with mouse cursor showing.
  9. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-05-2013 02
Ran by SYSTEM at 2013-05-06 09:20:03 Run:1
Running from G:\
Boot Mode: Recovery
==============================================
C:\Users\BryantKeefe\AppData\Roaming\skype.ini => Moved successfully.
==== End of Fixlog ====
  10. Hello, My computer will only run the Welcome screen with wheel spinning. I have run Malwarebytes, start-up repair and anything else I can think of. Do not understand how to pay someone to fix and I see mention of "paying customers". I did run Farbar FRST64 scanned and have a log. In over my head. Thanks.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2013 02
Ran by SYSTEM on 06-05-2013 08:05:23
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet002
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2011-07-28] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-07-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2011-07-28] (Lenovo)
HKLM\...\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-15] (Synaptics Incorporated) HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation) HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-05-25] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro) HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-07-28] (Lenovo) HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.) HKLM-x32\...\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup [655360 2012-09-25] () HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4394032 2013-03-13] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide [2793304 2009-10-14] () HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [228448 2011-01-28] (CyberLink Corp.) 
HKLM-x32\...\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [136488 2011-01-28] (CyberLink) HKLM-x32\...\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe /run [383344 2010-12-13] (Egis Technology Inc. ) HKLM-x32\...\Run: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [222504 2010-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [364400 2010-10-22] (Egis Technology Inc. ) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.) HKLM-x32\...\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [202096 2010-11-05] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [407920 2010-11-05] (Egis Technology Inc.) HKU\BryantKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.) HKU\BryantKeefe\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19357112 2013-03-07] (Google) HKU\BryantKeefe\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com) HKU\BryantKeefe\...\Run: [Google Update] "C:\Users\BryantKeefe\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-02-16] (Google Inc.) 
HKU\BryantKeefe\...\Run: [GoogleChromeAutoLaunch_396D1C86E4D946F333C66A812C053E66] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window [1312720 2013-04-09] (Google Inc.) HKU\BryantKeefe\...\Run: [ROC_ROC_APR2013_AV] C:\Users\BryantKeefe\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 52b1eb98523547d197972197b79054a5-0d1704d861aa73c8e370fa11febc830e50eae3e6 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x] HKU\BryantKeefe\...\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [247768 2012-08-28] (TomTom) HKU\BryantKeefe\...\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18643048 2013-02-28] (Skype Technologies S.A.) HKU\BryantKeefe\...\Run: [RegistryKit v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [172200 2012-09-17] () HKU\BryantKeefe\...\Run: [RegistryKit Reminder v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [172200 2012-09-17] () HKU\EdwardKeefe\...\Run: [best Buy pc app] C:\Users\EdwardKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x] HKU\EdwardKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.) HKU\EdwardKeefe\...\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex [706776 2013-03-13] (Adobe Systems Incorporated) Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter Startup: C:\ProgramData\Start Menu\Programs\Startup\MozyHome Status.lnk ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.) 
Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) ==================== Services (Whitelisted) ================= S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com) S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-02-27] (AVG Technologies CZ, s.r.o.) S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [282624 2013-02-19] (AVG Technologies CZ, s.r.o.) S2 CxAudMsg; C:\windows\system32\CxAudMsg64.exe [198784 2010-12-17] (Conexant Systems Inc.) S2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8498608 2012-04-10] (DisplayLink Corp.) S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. 
) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54672 2012-11-09] (Mozy, Inc.) S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2012-04-13] () S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x] ==================== Drivers (Whitelisted) ==================== S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-02-26] (AVG Technologies CZ, s.r.o.) S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.) S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.) S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.) S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.) S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.) S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [239416 2013-02-14] (AVG Technologies CZ, s.r.o.) S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys [17408 2012-11-11] (http://libusb-win32.sourceforge.net) S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67368 2012-11-09] (Mozy, Inc.) 
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation) S3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation) S3 BcmSqlStartupSvc; S1 BPntDrv; system32\drivers\BPntDrv.sys [x] S2 CLKMSVC10_3A60B698; S2 CLKMSVC10_C3B3B687; S3 dfg; System32\DRIVERS\dfg.sys [x] S2 DriverService; S0 fbfmon; system32\drivers\fbfmon.sys [x] S2 IAStorDataMgrSvc; S2 iATAgentService; S2 idealife Update Service; S3 IGRS; S2 IviRegMgr; S2 nvUpdatusService; S2 Oasis2Service; S2 PCCarerService; S2 ReadyComm.DirectRouter; S2 RichVideo; S2 RtLedService; S2 SeaPort; S2 SoftwareService; S3 SQLWriter; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST 2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini 2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe 2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk 2013-05-05 14:51 - 2013-05-05 14:51 - 00000000 ____D C:\Program Files (x86)\Registry Kit 2013-05-05 14:51 - 2008-12-09 23:16 - 00023552 ____A (defrag Development Team) C:\Windows\SysWOW64\Drivers\dfg.sys 2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp 2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp 2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes 2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp 2013-05-05 
07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-05-05 07:48 - 2013-04-04 13:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle 2013-05-05 07:12 - 2013-05-05 12:01 - 00000000 ____D C:\Windows\pss 2013-05-05 05:23 - 2013-05-05 07:41 - 00000004 ____A C:\Users\BryantKeefe\AppData\Roaming\skype.ini 2013-05-05 04:48 - 2013-05-05 04:49 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp 2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics 2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics 2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts 2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics 2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales 2013-04-25 06:40 - 2012-11-09 09:56 - 00067368 ____A (Mozy, Inc.) 
C:\Windows\System32\Drivers\mozy.sys 2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics 2013-04-24 03:17 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys 2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics 2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip 2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv 2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx 2013-04-19 12:07 - 2013-04-19 12:08 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip 2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip 2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv 2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv 2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv 2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv 2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv 2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv 2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv 2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv 2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv 2013-04-18 15:31 - 2013-04-18 15:33 - 00029549 ____A 
C:\Users\BryantKeefe\Downloads\MedicalMastery.csv 2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv 2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv 2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics 2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv 2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv 2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html 2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html 2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls 2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-04-10 01:02 - 2013-02-21 22:57 - 17817088 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-04-10 01:02 - 2013-02-21 22:29 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-04-10 01:02 - 2013-02-21 22:27 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-04-10 01:02 - 2013-02-21 22:21 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-04-10 01:02 - 2013-02-21 22:20 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-04-10 01:02 - 2013-02-21 22:19 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-04-10 01:02 - 2013-02-21 22:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-04-10 01:02 - 2013-02-21 22:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-04-10 01:02 - 2013-02-21 22:15 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-04-10 01:02 - 2013-02-21 
22:15 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-04-10 01:02 - 2013-02-21 22:15 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-04-10 01:02 - 2013-02-21 22:14 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-04-10 01:02 - 2013-02-21 22:13 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-04-10 01:02 - 2013-02-21 22:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-04-10 01:02 - 2013-02-21 22:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-04-10 01:02 - 2013-02-21 22:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-04-10 01:02 - 2013-02-21 20:05 - 12324352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-04-10 01:02 - 2013-02-21 19:47 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-04-10 01:02 - 2013-02-21 19:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-04-10 01:02 - 2013-02-21 19:38 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-04-10 01:02 - 2013-02-21 19:38 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-04-10 01:02 - 2013-02-21 19:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-04-10 01:02 - 2013-02-21 19:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-04-10 01:02 - 2013-02-21 19:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-04-10 01:02 - 2013-02-21 19:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-04-10 01:02 - 2013-02-21 19:34 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-04-10 01:02 - 2013-02-21 19:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-04-10 01:02 - 2013-02-21 19:33 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-04-10 01:02 - 2013-02-21 19:32 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-04-10 01:02 - 2013-02-21 19:31 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-04-10 01:02 - 2013-02-21 19:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-04-10 01:02 - 2013-02-21 19:28 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-04-09 23:58 - 2013-02-28 19:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-04-09 23:57 - 2013-02-14 22:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-04-09 23:57 - 2013-02-14 22:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-04-09 23:57 - 2013-02-14 22:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-04-09 23:57 - 2013-02-14 20:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-04-09 23:57 - 2013-02-14 20:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-04-09 23:57 - 2013-02-14 19:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-04-09 23:57 - 2013-01-23 22:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-04-09 23:56 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-04-09 23:56 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-04-09 23:56 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-04-09 23:56 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-04-09 23:56 - 2013-03-18 20:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-04-09 23:56 - 2013-03-18 19:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp

==================== One Month Modified Files and Folders =======

2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST
2013-05-06 05:25 - 2011-07-28 16:11 - 00115340 ____A C:\Windows\System32\fastboot.set
2013-05-06 05:25 - 2011-07-28 15:44 - 01857704 ____A C:\FaceProv.log
2013-05-06 05:25 - 2010-11-20 19:47 - 00094882 ____A C:\Windows\PFRO.log
2013-05-06 05:25 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-06 05:25 - 2009-07-13 20:51 - 00069654 ____A C:\Windows\setupact.log
2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini
2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe
2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk
2013-05-05 14:51 - 2013-05-05 14:51 - 00000000 ____D C:\Program Files (x86)\Registry Kit
2013-05-05 14:50 - 2009-07-13 21:13 - 00779306 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp
2013-05-05 14:45 - 2013-02-12 04:58 - 371745274 ____A C:\Windows\MEMORY.DMP
2013-05-05 14:45 - 2013-02-12 04:58 - 00000000 ____D C:\Windows\Minidump
2013-05-05 14:38 - 2011-07-28 14:57 - 01201659 ____A C:\Windows\WindowsUpdate.log
2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp
2013-05-05 12:01 - 2013-05-05 07:12 - 00000000 ____D C:\Windows\pss
2013-05-05 11:24 - 2011-07-28 16:04 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes
2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp
2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes
2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle
2013-05-05 07:43 - 2011-10-04 16:30 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Local\Google
2013-05-05 07:41 - 2013-05-05 05:23 - 00000004 ____A C:\Users\BryantKeefe\AppData\Roaming\skype.ini
2013-05-05 07:27 - 2013-02-10 11:48 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs
2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-05 07:18 - 2012-11-22 08:18 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\Htc
2013-05-05 07:18 - 2012-11-12 15:11 - 00000000 ___SD C:\Users\BryantKeefe\Google Drive
2013-05-05 07:16 - 2011-07-28 15:44 - 00000000 ____D C:\ProgramData\VeriFace
2013-05-05 07:03 - 2012-12-30 18:20 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\CrashDumps
2013-05-05 06:58 - 2011-07-28 16:04 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-05 06:46 - 2012-11-12 04:18 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-05 06:31 - 2013-03-05 13:20 - 00000932 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003UA.job
2013-05-05 05:57 - 2012-11-09 09:56 - 00006372 ____A C:\Windows\mozy.flt
2013-05-05 05:57 - 2012-11-09 09:56 - 00005256 ____A C:\Windows\mozy.blk
2013-05-05 05:51 - 2012-11-18 15:58 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Skype
2013-05-05 04:49 - 2013-05-05 04:48 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp
2013-05-04 17:22 - 2012-02-20 17:45 - 00000000 ____D C:\ProgramData\MFAData
2013-05-04 17:04 - 2013-03-05 13:20 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003Core.job
2013-05-03 10:59 - 2012-11-26 10:16 - 00000000 ____D C:\Users\BryantKeefe\Documents\FairwayStuff
2013-05-02 17:13 - 2012-11-23 13:56 - 00000000 ____D C:\Users\BryantKeefe\Documents\Outlook Files
2013-05-02 09:53 - 2012-11-19 10:56 - 00061304 ____A C:\Users\BryantKeefe\g2mdlhlpx.exe
2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics
2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics
2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts
2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics
2013-04-30 10:27 - 2012-11-11 04:31 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Mozilla
2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales
2013-04-29 12:41 - 2011-11-15 12:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-04-25 06:40 - 2012-11-27 16:05 - 00000000 ____D C:\Program Files\MozyHome
2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics
2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics
2013-04-23 05:58 - 2011-07-28 15:35 - 00000000 ____D C:\ProgramData\Adobe
2013-04-23 05:57 - 2012-11-12 04:18 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-04-23 05:57 - 2012-02-20 17:39 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip
2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv
2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx
2013-04-19 12:08 - 2013-04-19 12:07 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip
2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip
2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv
2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv
2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv
2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv
2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv
2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv
2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv
2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv
2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv
2013-04-18 15:33 - 2013-04-18 15:31 - 00029549 ____A C:\Users\BryantKeefe\Downloads\MedicalMastery.csv
2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv
2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv
2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics
2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv
2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv
2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html
2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html
2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls
2013-04-13 06:40 - 2009-07-13 21:08 - 00032586 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-04-13 06:39 - 2012-11-11 04:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-12 06:45 - 2013-04-24 03:17 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-04-11 04:59 - 2011-07-28 16:04 - 00002183 ____A C:\Users\Public\Desktop\Internet Browser.lnk
2013-04-10 05:52 - 2009-07-13 20:45 - 00366616 ____A C:\Windows\System32\FNTCACHE.DAT
2013-04-10 01:04 - 2011-11-15 08:16 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-04-10 01:02 - 2012-11-23 13:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-04-09 11:47 - 2013-03-26 07:20 - 00000000 ____D C:\Users\BryantKeefe\Documents\100Calls
2013-04-09 07:38 - 2012-11-10 16:55 - 00000000 ____D C:\users\BryantKeefe
2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp
2013-04-06 01:23 - 2011-11-15 12:41 - 00000000 ____D C:\ProgramData\Skype

Other Malware:
===========
C:\Users\BryantKeefe\AppData\Roaming\skype.ini

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-04-17 17:08:30
Restore point made on: 2013-04-18 17:04:08
Restore point made on: 2013-04-24 05:29:09
Restore point made on: 2013-04-24 16:38:51
Restore point made on: 2013-04-25 06:40:07
Restore point made on: 2013-04-25 19:28:55
Restore point made on: 2013-04-26 16:48:27
Restore point made on: 2013-05-02 16:51:18
Restore point made on: 2013-05-03 10:11:49
Restore point made on: 2013-05-04 07:23:15
Restore point made on: 2013-05-05 05:56:28

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 3686.11 MB
Available physical RAM: 3077 MB
Total Pagefile: 3684.31 MB
Available Pagefile: 3076.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:188.94 GB) (Free:41.46 GB) NTFS (Disk=0 Partition=2)
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.17 GB) NTFS (Disk=0 Partition=4)
Drive g: () (Removable) (Total:0.25 GB) (Free:0.24 GB) FAT (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)]

Disk ###  Status         Size     Free     Dyn  Gpt
--------  -------------  -------  -------  ---  ---
Disk 0    Online          232 GB  1024 KB
Disk 1    Online          253 MB      0 B

Partitions of Disk 0:
===============

Disk ID: 7C037A3B

Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary            200 MB  1024 KB
Partition 2    Primary            188 GB   201 MB
Partition 0    Extended            28 GB   189 GB
Partition 4    Logical             28 GB   189 GB
Partition 3    OEM                 14 GB   218 GB

==================================================================================

Disk: 0
Partition 1
Type  : 07
Hidden: No
Active: Yes

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1   Y                NTFS   Partition    200 MB  Healthy

=========================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: No

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2   C                NTFS   Partition    188 GB  Healthy

=========================================================

Disk: 0
Partition 4
Type  : 07
Hidden: No
Active: No

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3   D   LENOVO       NTFS   Partition     28 GB  Healthy

=========================================================

Disk: 0
Partition 3
Type  : 12
Hidden: Yes
Active: No

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 5       LENOVO_PART  NTFS   Partition     14 GB  Healthy    Hidden

=========================================================

Partitions of Disk 1:
===============

Disk ID: 0D0C0B0A

Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary            252 MB    16 KB

==================================================================================

Disk: 1
Partition 1
Type  : 06
Hidden: No
Active: Yes

Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4   G                FAT    Removable    252 MB  Healthy

=========================================================

============================== MBR & Partition Table ==================

====================================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 7C037A3B)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=189 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)
====================================================================
Disk: 1 (Size: 253 MB) (Disk ID: 0D0C0B0A)
Partition 1: (Active) - (Size=253 MB) - (Type=06)

Last Boot: 2013-05-04 08:30

==================== End Of Log ============================
  11. Hello, I got the FBI MoneyGram virus. I downloaded and ran Malwarebytes in Safe Mode. Now the computer will not start up. It goes from a black screen with mouse cursor to blue screen death. I just followed partial instructions to run FRST64 Farbar Recovery, but it is unclear what to do once the scan is done. Please help.