Jump to content

FBI MoneyGram Windows 7 Will not start up

bryantkeefe
 Share

Recommended Posts

bryantkeefe

bryantkeefe

Posted
Posted

Hello,

My computer will only run the Welcome screen with wheel spinning. I have run Malwarebytes, start-up repair and anything else I can think of. Do not understand how to pay someone to fix and I see mention of "paying customers". I did run Farbar FRST64 scanned and have a log.

In over my head.

Thanks.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2013 02

Ran by SYSTEM on 06-05-2013 08:05:23

Running from G:\

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Recovery

The current controlset is ControlSet002

ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2011-07-28] (Lenovo (Beijing) Limited)

HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-07-28] (Lenovo(beijing) Limited)

HKLM\...\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2011-07-28] (Lenovo)

HKLM\...\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)

HKLM\...\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [112512 2010-03-13] (Microsoft Corporation)

HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-09-04] (CANON INC.)

HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-15] (Synaptics Incorporated)

HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)

HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)

HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-05-25] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)

HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-07-28] (Lenovo)

HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)

HKLM-x32\...\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup [655360 2012-09-25] ()

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4394032 2013-03-13] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide [2793304 2009-10-14] ()

HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM-x32\...\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [228448 2011-01-28] (CyberLink Corp.)

HKLM-x32\...\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [136488 2011-01-28] (CyberLink)

HKLM-x32\...\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe /run [383344 2010-12-13] (Egis Technology Inc. )

HKLM-x32\...\Run: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)

HKLM-x32\...\Run: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [222504 2010-07-26] (CyberLink Corp.)

HKLM-x32\...\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [364400 2010-10-22] (Egis Technology Inc. )

HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)

HKLM-x32\...\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [202096 2010-11-05] (Egis Technology Inc.)

HKLM-x32\...\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [407920 2010-11-05] (Egis Technology Inc.)

HKU\BryantKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.)

HKU\BryantKeefe\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19357112 2013-03-07] (Google)

HKU\BryantKeefe\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com)

HKU\BryantKeefe\...\Run: [Google Update] "C:\Users\BryantKeefe\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-02-16] (Google Inc.)

HKU\BryantKeefe\...\Run: [GoogleChromeAutoLaunch_396D1C86E4D946F333C66A812C053E66] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window [1312720 2013-04-09] (Google Inc.)

HKU\BryantKeefe\...\Run: [ROC_ROC_APR2013_AV] C:\Users\BryantKeefe\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 52b1eb98523547d197972197b79054a5-0d1704d861aa73c8e370fa11febc830e50eae3e6 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x]

HKU\BryantKeefe\...\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [247768 2012-08-28] (TomTom)

HKU\BryantKeefe\...\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18643048 2013-02-28] (Skype Technologies S.A.)

HKU\BryantKeefe\...\Run: [RegistryKit v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [172200 2012-09-17] ()

HKU\BryantKeefe\...\Run: [RegistryKit Reminder v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [172200 2012-09-17] ()

HKU\EdwardKeefe\...\Run: [best Buy pc app] C:\Users\EdwardKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x]

HKU\EdwardKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.)

HKU\EdwardKeefe\...\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex [706776 2013-03-13] (Adobe Systems Incorporated)

Lsa: [Notification Packages] scecli

EgisPwdFilter

EgisDSPwdFilter

EgisPLPwdFilter

Startup: C:\ProgramData\Start Menu\Programs\Startup\MozyHome Status.lnk

ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)

Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk

ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

==================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-02-27] (AVG Technologies CZ, s.r.o.)

S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [282624 2013-02-19] (AVG Technologies CZ, s.r.o.)

S2 CxAudMsg; C:\windows\system32\CxAudMsg64.exe [198784 2010-12-17] (Conexant Systems Inc.)

S2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8498608 2012-04-10] (DisplayLink Corp.)

S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )

S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54672 2012-11-09] (Mozy, Inc.)

S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2012-04-13] ()

S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]

==================== Drivers (Whitelisted) ====================

S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-02-26] (AVG Technologies CZ, s.r.o.)

S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)

S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)

S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)

S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)

S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)

S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [239416 2013-02-14] (AVG Technologies CZ, s.r.o.)

S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys [17408 2012-11-11] (http://libusb-win32.sourceforge.net)

S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()

S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()

S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

S1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67368 2012-11-09] (Mozy, Inc.)

S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)

S3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)

S3 BcmSqlStartupSvc;

S1 BPntDrv; system32\drivers\BPntDrv.sys [x]

S2 CLKMSVC10_3A60B698;

S2 CLKMSVC10_C3B3B687;

S3 dfg; System32\DRIVERS\dfg.sys [x]

S2 DriverService;

S0 fbfmon; system32\drivers\fbfmon.sys [x]

S2 IAStorDataMgrSvc;

S2 iATAgentService;

S2 idealife Update Service;

S3 IGRS;

S2 IviRegMgr;

S2 nvUpdatusService;

S2 Oasis2Service;

S2 PCCarerService;

S2 ReadyComm.DirectRouter;

S2 RichVideo;

S2 RtLedService;

S2 SeaPort;

S2 SoftwareService;

S3 SQLWriter;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST

2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini

2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe

2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk

2013-05-05 14:51 - 2013-05-05 14:51 - 00000000 ____D C:\Program Files (x86)\Registry Kit

2013-05-05 14:51 - 2008-12-09 23:16 - 00023552 ____A (defrag Development Team) C:\Windows\SysWOW64\Drivers\dfg.sys

2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp

2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp

2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes

2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp

2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-05 07:48 - 2013-04-04 13:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle

2013-05-05 07:12 - 2013-05-05 12:01 - 00000000 ____D C:\Windows\pss

2013-05-05 05:23 - 2013-05-05 07:41 - 00000004 ____A C:\Users\BryantKeefe\AppData\Roaming\skype.ini

2013-05-05 04:48 - 2013-05-05 04:49 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp

2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics

2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics

2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts

2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics

2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales

2013-04-25 06:40 - 2012-11-09 09:56 - 00067368 ____A (Mozy, Inc.) C:\Windows\System32\Drivers\mozy.sys

2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics

2013-04-24 03:17 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics

2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip

2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv

2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx

2013-04-19 12:07 - 2013-04-19 12:08 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip

2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip

2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv

2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv

2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv

2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv

2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv

2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv

2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv

2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv

2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv

2013-04-18 15:31 - 2013-04-18 15:33 - 00029549 ____A C:\Users\BryantKeefe\Downloads\MedicalMastery.csv

2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv

2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv

2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics

2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv

2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv

2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html

2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html

2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls

2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-04-10 01:02 - 2013-02-21 22:57 - 17817088 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-04-10 01:02 - 2013-02-21 22:29 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-04-10 01:02 - 2013-02-21 22:27 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-04-10 01:02 - 2013-02-21 22:21 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-04-10 01:02 - 2013-02-21 22:20 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-04-10 01:02 - 2013-02-21 22:19 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-04-10 01:02 - 2013-02-21 22:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-04-10 01:02 - 2013-02-21 22:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-04-10 01:02 - 2013-02-21 22:15 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-04-10 01:02 - 2013-02-21 22:15 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-04-10 01:02 - 2013-02-21 22:15 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-04-10 01:02 - 2013-02-21 22:14 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-04-10 01:02 - 2013-02-21 22:13 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-04-10 01:02 - 2013-02-21 22:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-04-10 01:02 - 2013-02-21 22:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-04-10 01:02 - 2013-02-21 22:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-04-10 01:02 - 2013-02-21 20:05 - 12324352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-04-10 01:02 - 2013-02-21 19:47 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-04-10 01:02 - 2013-02-21 19:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-04-10 01:02 - 2013-02-21 19:38 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-04-10 01:02 - 2013-02-21 19:38 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-04-10 01:02 - 2013-02-21 19:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-04-10 01:02 - 2013-02-21 19:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-04-10 01:02 - 2013-02-21 19:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-04-10 01:02 - 2013-02-21 19:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-04-10 01:02 - 2013-02-21 19:34 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-04-10 01:02 - 2013-02-21 19:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-04-10 01:02 - 2013-02-21 19:33 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-04-10 01:02 - 2013-02-21 19:32 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-04-10 01:02 - 2013-02-21 19:31 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-04-10 01:02 - 2013-02-21 19:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-04-10 01:02 - 2013-02-21 19:28 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-04-09 23:58 - 2013-02-28 19:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2013-04-09 23:57 - 2013-02-14 22:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll

2013-04-09 23:57 - 2013-02-14 22:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll

2013-04-09 23:57 - 2013-02-14 22:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll

2013-04-09 23:57 - 2013-02-14 20:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2013-04-09 23:57 - 2013-02-14 20:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2013-04-09 23:57 - 2013-02-14 19:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2013-04-09 23:57 - 2013-01-23 22:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys

2013-04-09 23:56 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2013-04-09 23:56 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll

2013-04-09 23:56 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-04-09 23:56 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-04-09 23:56 - 2013-03-18 20:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2013-04-09 23:56 - 2013-03-18 19:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe

2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp

==================== One Month Modified Files and Folders =======

2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST

2013-05-06 05:25 - 2011-07-28 16:11 - 00115340 ____A C:\Windows\System32\fastboot.set

2013-05-06 05:25 - 2011-07-28 15:44 - 01857704 ____A C:\FaceProv.log

2013-05-06 05:25 - 2010-11-20 19:47 - 00094882 ____A C:\Windows\PFRO.log

2013-05-06 05:25 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-05-06 05:25 - 2009-07-13 20:51 - 00069654 ____A C:\Windows\setupact.log

2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini

2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe

2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk

2013-05-05 14:51 - 2013-05-05 14:51 - 00000000 ____D C:\Program Files (x86)\Registry Kit

2013-05-05 14:50 - 2009-07-13 21:13 - 00779306 ____A C:\Windows\System32\PerfStringBackup.INI

2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp

2013-05-05 14:45 - 2013-02-12 04:58 - 371745274 ____A C:\Windows\MEMORY.DMP

2013-05-05 14:45 - 2013-02-12 04:58 - 00000000 ____D C:\Windows\Minidump

2013-05-05 14:38 - 2011-07-28 14:57 - 01201659 ____A C:\Windows\WindowsUpdate.log

2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp

2013-05-05 12:01 - 2013-05-05 07:12 - 00000000 ____D C:\Windows\pss

2013-05-05 11:24 - 2011-07-28 16:04 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes

2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp

2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle

2013-05-05 07:43 - 2011-10-04 16:30 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Local\Google

2013-05-05 07:41 - 2013-05-05 05:23 - 00000004 ____A C:\Users\BryantKeefe\AppData\Roaming\skype.ini

2013-05-05 07:27 - 2013-02-10 11:48 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs

2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-05-05 07:18 - 2012-11-22 08:18 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\Htc

2013-05-05 07:18 - 2012-11-12 15:11 - 00000000 ___SD C:\Users\BryantKeefe\Google Drive

2013-05-05 07:16 - 2011-07-28 15:44 - 00000000 ____D C:\ProgramData\VeriFace

2013-05-05 07:03 - 2012-12-30 18:20 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\CrashDumps

2013-05-05 06:58 - 2011-07-28 16:04 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-05-05 06:46 - 2012-11-12 04:18 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-05-05 06:31 - 2013-03-05 13:20 - 00000932 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003UA.job

2013-05-05 05:57 - 2012-11-09 09:56 - 00006372 ____A C:\Windows\mozy.flt

2013-05-05 05:57 - 2012-11-09 09:56 - 00005256 ____A C:\Windows\mozy.blk

2013-05-05 05:51 - 2012-11-18 15:58 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Skype

2013-05-05 04:49 - 2013-05-05 04:48 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp

2013-05-04 17:22 - 2012-02-20 17:45 - 00000000 ____D C:\ProgramData\MFAData

2013-05-04 17:04 - 2013-03-05 13:20 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003Core.job

2013-05-03 10:59 - 2012-11-26 10:16 - 00000000 ____D C:\Users\BryantKeefe\Documents\FairwayStuff

2013-05-02 17:13 - 2012-11-23 13:56 - 00000000 ____D C:\Users\BryantKeefe\Documents\Outlook Files

2013-05-02 09:53 - 2012-11-19 10:56 - 00061304 ____A C:\Users\BryantKeefe\g2mdlhlpx.exe

2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics

2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics

2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts

2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics

2013-04-30 10:27 - 2012-11-11 04:31 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Mozilla

2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales

2013-04-29 12:41 - 2011-11-15 12:41 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-04-25 06:40 - 2012-11-27 16:05 - 00000000 ____D C:\Program Files\MozyHome

2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics

2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics

2013-04-23 05:58 - 2011-07-28 15:35 - 00000000 ____D C:\ProgramData\Adobe

2013-04-23 05:57 - 2012-11-12 04:18 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-04-23 05:57 - 2012-02-20 17:39 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip

2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv

2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx

2013-04-19 12:08 - 2013-04-19 12:07 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip

2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip

2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv

2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv

2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv

2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv

2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv

2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv

2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv

2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv

2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv

2013-04-18 15:33 - 2013-04-18 15:31 - 00029549 ____A C:\Users\BryantKeefe\Downloads\MedicalMastery.csv

2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv

2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv

2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics

2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv

2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv

2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html

2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html

2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls

2013-04-13 06:40 - 2009-07-13 21:08 - 00032586 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-04-13 06:39 - 2012-11-11 04:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-04-12 06:45 - 2013-04-24 03:17 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-04-11 04:59 - 2011-07-28 16:04 - 00002183 ____A C:\Users\Public\Desktop\Internet Browser.lnk

2013-04-10 05:52 - 2009-07-13 20:45 - 00366616 ____A C:\Windows\System32\FNTCACHE.DAT

2013-04-10 01:04 - 2011-11-15 08:16 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-04-10 01:02 - 2012-11-23 13:14 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-04-09 11:47 - 2013-03-26 07:20 - 00000000 ____D C:\Users\BryantKeefe\Documents\100Calls

2013-04-09 07:38 - 2012-11-10 16:55 - 00000000 ____D C:\users\BryantKeefe

2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp

2013-04-06 01:23 - 2011-11-15 12:41 - 00000000 ____D C:\ProgramData\Skype

Other Malware:

===========

C:\Users\BryantKeefe\AppData\Roaming\skype.ini

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-04-17 17:08:30

Restore point made on: 2013-04-18 17:04:08

Restore point made on: 2013-04-24 05:29:09

Restore point made on: 2013-04-24 16:38:51

Restore point made on: 2013-04-25 06:40:07

Restore point made on: 2013-04-25 19:28:55

Restore point made on: 2013-04-26 16:48:27

Restore point made on: 2013-05-02 16:51:18

Restore point made on: 2013-05-03 10:11:49

Restore point made on: 2013-05-04 07:23:15

Restore point made on: 2013-05-05 05:56:28

==================== Memory info ===========================

Percentage of memory in use: 16%

Total physical RAM: 3686.11 MB

Available physical RAM: 3077 MB

Total Pagefile: 3684.31 MB

Available Pagefile: 3076.54 MB

Total Virtual: 8192 MB

Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:188.94 GB) (Free:41.46 GB) NTFS (Disk=0 Partition=2)

Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.17 GB) NTFS (Disk=0 Partition=4)

Drive g: () (Removable) (Total:0.25 GB) (Free:0.24 GB) FAT (Disk=1 Partition=1)

Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Drive y: () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 232 GB 1024 KB

Disk 1 Online 253 MB 0 B

Partitions of Disk 0:

===============

Disk ID: 7C037A3B

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 200 MB 1024 KB

Partition 2 Primary 188 GB 201 MB

Partition 0 Extended 28 GB 189 GB

Partition 4 Logical 28 GB 189 GB

Partition 3 OEM 14 GB 218 GB

==================================================================================

Disk: 0

Partition 1

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y NTFS Partition 200 MB Healthy

=========================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C NTFS Partition 188 GB Healthy

=========================================================

Disk: 0

Partition 4

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 D LENOVO NTFS Partition 28 GB Healthy

=========================================================

Disk: 0

Partition 3

Type : 12

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 5 LENOVO_PART NTFS Partition 14 GB Healthy Hidden

=========================================================

Partitions of Disk 1:

===============

Disk ID: 0D0C0B0A

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 252 MB 16 KB

==================================================================================

Disk: 1

Partition 1

Type : 06

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 G FAT Removable 252 MB Healthy

=========================================================

============================== MBR & Partition Table ==================

====================================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 7C037A3B)

Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=189 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)

Partition 4: (Not Active) - (Size=15 GB) - (Type=12)

====================================================================

Disk: 1 (Size: 253 MB) (Disk ID: 0D0C0B0A)

Partition 1: (Active) - (Size=253 MB) - (Type=06)

Last Boot: 2013-05-04 08:30

==================== End Of Log ============================

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Hello bryantkeefe! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open Notepad and select Paste). Save it on the flashdrive as fixlist.txt

C:\Users\BryantKeefe\AppData\Roaming\skype.ini

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options then select Command Prompt

Run FRST (or FRST64 if you have the 64bit version) and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Reboot Normally.

Link to post
Share on other sites
bryantkeefe

bryantkeefe

Posted
  • Author
Posted

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-05-2013 02

Ran by SYSTEM at 2013-05-06 09:20:03 Run:1

Running from G:\

Boot Mode: Recovery

==============================================

C:\Users\BryantKeefe\AppData\Roaming\skype.ini => Moved successfully.

==== End of Fixlog ====

Link to post
Share on other sites
bryantkeefe

bryantkeefe

Posted
  • Author
Posted

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2013 02

Ran by SYSTEM on 06-05-2013 09:36:58

Running from G:\

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Recovery

The current controlset is ControlSet002

ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2011-07-28] (Lenovo (Beijing) Limited)

HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-07-28] (Lenovo(beijing) Limited)

HKLM\...\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2011-07-28] (Lenovo)

HKLM\...\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)

HKLM\...\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [112512 2010-03-13] (Microsoft Corporation)

HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-09-04] (CANON INC.)

HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-15] (Synaptics Incorporated)

HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)

HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)

HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-05-25] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)

HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-07-28] (Lenovo)

HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)

HKLM-x32\...\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup [655360 2012-09-25] ()

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4394032 2013-03-13] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide [2793304 2009-10-14] ()

HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM-x32\...\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [228448 2011-01-28] (CyberLink Corp.)

HKLM-x32\...\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [136488 2011-01-28] (CyberLink)

HKLM-x32\...\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe /run [383344 2010-12-13] (Egis Technology Inc. )

HKLM-x32\...\Run: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)

HKLM-x32\...\Run: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [222504 2010-07-26] (CyberLink Corp.)

HKLM-x32\...\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [364400 2010-10-22] (Egis Technology Inc. )

HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)

HKLM-x32\...\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [202096 2010-11-05] (Egis Technology Inc.)

HKLM-x32\...\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [407920 2010-11-05] (Egis Technology Inc.)

HKU\BryantKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.)

HKU\BryantKeefe\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19357112 2013-03-07] (Google)

HKU\BryantKeefe\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com)

HKU\BryantKeefe\...\Run: [Google Update] "C:\Users\BryantKeefe\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-02-16] (Google Inc.)

HKU\BryantKeefe\...\Run: [GoogleChromeAutoLaunch_396D1C86E4D946F333C66A812C053E66] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window [1312720 2013-04-09] (Google Inc.)

HKU\BryantKeefe\...\Run: [ROC_ROC_APR2013_AV] C:\Users\BryantKeefe\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 52b1eb98523547d197972197b79054a5-0d1704d861aa73c8e370fa11febc830e50eae3e6 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x]

HKU\BryantKeefe\...\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [247768 2012-08-28] (TomTom)

HKU\BryantKeefe\...\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18643048 2013-02-28] (Skype Technologies S.A.)

HKU\BryantKeefe\...\Run: [RegistryKit v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [172200 2012-09-17] ()

HKU\BryantKeefe\...\Run: [RegistryKit Reminder v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [172200 2012-09-17] ()

HKU\EdwardKeefe\...\Run: [best Buy pc app] C:\Users\EdwardKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x]

HKU\EdwardKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.)

HKU\EdwardKeefe\...\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex [706776 2013-03-13] (Adobe Systems Incorporated)

Lsa: [Notification Packages] scecli

EgisPwdFilter

EgisDSPwdFilter

EgisPLPwdFilter

Startup: C:\ProgramData\Start Menu\Programs\Startup\MozyHome Status.lnk

ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)

Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk

ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

==================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-02-27] (AVG Technologies CZ, s.r.o.)

S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [282624 2013-02-19] (AVG Technologies CZ, s.r.o.)

S2 CxAudMsg; C:\windows\system32\CxAudMsg64.exe [198784 2010-12-17] (Conexant Systems Inc.)

S2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8498608 2012-04-10] (DisplayLink Corp.)

S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )

S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54672 2012-11-09] (Mozy, Inc.)

S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2012-04-13] ()

S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]

==================== Drivers (Whitelisted) ====================

S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-02-26] (AVG Technologies CZ, s.r.o.)

S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)

S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)

S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)

S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)

S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)

S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [239416 2013-02-14] (AVG Technologies CZ, s.r.o.)

S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys [17408 2012-11-11] (http://libusb-win32.sourceforge.net)

S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()

S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()

S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

S1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67368 2012-11-09] (Mozy, Inc.)

S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)

S3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)

S3 BcmSqlStartupSvc;

S1 BPntDrv; system32\drivers\BPntDrv.sys [x]

S2 CLKMSVC10_3A60B698;

S2 CLKMSVC10_C3B3B687;

S3 dfg; System32\DRIVERS\dfg.sys [x]

S2 DriverService;

S0 fbfmon; system32\drivers\fbfmon.sys [x]

S2 IAStorDataMgrSvc;

S2 iATAgentService;

S2 idealife Update Service;

S3 IGRS;

S2 IviRegMgr;

S2 nvUpdatusService;

S2 Oasis2Service;

S2 PCCarerService;

S2 ReadyComm.DirectRouter;

S2 RichVideo;

S2 RtLedService;

S2 SeaPort;

S2 SoftwareService;

S3 SQLWriter;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST

2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini

2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe

2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk

2013-05-05 14:51 - 2013-05-05 14:51 - 00000000 ____D C:\Program Files (x86)\Registry Kit

2013-05-05 14:51 - 2008-12-09 23:16 - 00023552 ____A (defrag Development Team) C:\Windows\SysWOW64\Drivers\dfg.sys

2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp

2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp

2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes

2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp

2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-05 07:48 - 2013-04-04 13:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle

2013-05-05 07:12 - 2013-05-05 12:01 - 00000000 ____D C:\Windows\pss

2013-05-05 04:48 - 2013-05-05 04:49 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp

2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics

2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics

2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts

2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics

2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales

2013-04-25 06:40 - 2012-11-09 09:56 - 00067368 ____A (Mozy, Inc.) C:\Windows\System32\Drivers\mozy.sys

2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics

2013-04-24 03:17 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics

2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip

2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv

2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx

2013-04-19 12:07 - 2013-04-19 12:08 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip

2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip

2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv

2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv

2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv

2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv

2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv

2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv

2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv

2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv

2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv

2013-04-18 15:31 - 2013-04-18 15:33 - 00029549 ____A C:\Users\BryantKeefe\Downloads\MedicalMastery.csv

2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv

2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv

2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics

2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv

2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv

2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html

2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html

2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls

2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-04-10 01:02 - 2013-02-21 22:57 - 17817088 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-04-10 01:02 - 2013-02-21 22:29 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-04-10 01:02 - 2013-02-21 22:27 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-04-10 01:02 - 2013-02-21 22:21 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-04-10 01:02 - 2013-02-21 22:20 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-04-10 01:02 - 2013-02-21 22:19 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-04-10 01:02 - 2013-02-21 22:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-04-10 01:02 - 2013-02-21 22:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-04-10 01:02 - 2013-02-21 22:15 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-04-10 01:02 - 2013-02-21 22:15 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-04-10 01:02 - 2013-02-21 22:15 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-04-10 01:02 - 2013-02-21 22:14 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-04-10 01:02 - 2013-02-21 22:13 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-04-10 01:02 - 2013-02-21 22:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-04-10 01:02 - 2013-02-21 22:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-04-10 01:02 - 2013-02-21 22:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-04-10 01:02 - 2013-02-21 20:05 - 12324352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-04-10 01:02 - 2013-02-21 19:47 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-04-10 01:02 - 2013-02-21 19:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-04-10 01:02 - 2013-02-21 19:38 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-04-10 01:02 - 2013-02-21 19:38 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-04-10 01:02 - 2013-02-21 19:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-04-10 01:02 - 2013-02-21 19:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-04-10 01:02 - 2013-02-21 19:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-04-10 01:02 - 2013-02-21 19:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-04-10 01:02 - 2013-02-21 19:34 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-04-10 01:02 - 2013-02-21 19:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-04-10 01:02 - 2013-02-21 19:33 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-04-10 01:02 - 2013-02-21 19:32 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-04-10 01:02 - 2013-02-21 19:31 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-04-10 01:02 - 2013-02-21 19:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-04-10 01:02 - 2013-02-21 19:28 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-04-09 23:58 - 2013-02-28 19:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2013-04-09 23:57 - 2013-02-14 22:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll

2013-04-09 23:57 - 2013-02-14 22:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll

2013-04-09 23:57 - 2013-02-14 22:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll

2013-04-09 23:57 - 2013-02-14 20:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2013-04-09 23:57 - 2013-02-14 20:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2013-04-09 23:57 - 2013-02-14 19:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2013-04-09 23:57 - 2013-01-23 22:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys

2013-04-09 23:56 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2013-04-09 23:56 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll

2013-04-09 23:56 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-04-09 23:56 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-04-09 23:56 - 2013-03-18 20:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2013-04-09 23:56 - 2013-03-18 19:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe

2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp

==================== One Month Modified Files and Folders =======

2013-05-06 08:22 - 2011-07-28 16:11 - 00110710 ____A C:\Windows\System32\fastboot.set

2013-05-06 08:22 - 2011-07-28 15:44 - 01861864 ____A C:\FaceProv.log

2013-05-06 08:22 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-05-06 08:21 - 2010-11-20 19:47 - 00095462 ____A C:\Windows\PFRO.log

2013-05-06 08:21 - 2009-07-13 20:51 - 00069766 ____A C:\Windows\setupact.log

2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST

2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini

2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe

2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk

2013-05-05 14:51 - 2013-05-05 14:51 - 00000000 ____D C:\Program Files (x86)\Registry Kit

2013-05-05 14:50 - 2009-07-13 21:13 - 00779306 ____A C:\Windows\System32\PerfStringBackup.INI

2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp

2013-05-05 14:45 - 2013-02-12 04:58 - 371745274 ____A C:\Windows\MEMORY.DMP

2013-05-05 14:45 - 2013-02-12 04:58 - 00000000 ____D C:\Windows\Minidump

2013-05-05 14:38 - 2011-07-28 14:57 - 01201659 ____A C:\Windows\WindowsUpdate.log

2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp

2013-05-05 12:01 - 2013-05-05 07:12 - 00000000 ____D C:\Windows\pss

2013-05-05 11:24 - 2011-07-28 16:04 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes

2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp

2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle

2013-05-05 07:43 - 2011-10-04 16:30 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Local\Google

2013-05-05 07:27 - 2013-02-10 11:48 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs

2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-05-05 07:18 - 2012-11-22 08:18 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\Htc

2013-05-05 07:18 - 2012-11-12 15:11 - 00000000 ___SD C:\Users\BryantKeefe\Google Drive

2013-05-05 07:16 - 2011-07-28 15:44 - 00000000 ____D C:\ProgramData\VeriFace

2013-05-05 07:03 - 2012-12-30 18:20 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\CrashDumps

2013-05-05 06:58 - 2011-07-28 16:04 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-05-05 06:46 - 2012-11-12 04:18 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-05-05 06:31 - 2013-03-05 13:20 - 00000932 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003UA.job

2013-05-05 05:57 - 2012-11-09 09:56 - 00006372 ____A C:\Windows\mozy.flt

2013-05-05 05:57 - 2012-11-09 09:56 - 00005256 ____A C:\Windows\mozy.blk

2013-05-05 05:51 - 2012-11-18 15:58 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Skype

2013-05-05 04:49 - 2013-05-05 04:48 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp

2013-05-04 17:22 - 2012-02-20 17:45 - 00000000 ____D C:\ProgramData\MFAData

2013-05-04 17:04 - 2013-03-05 13:20 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003Core.job

2013-05-03 10:59 - 2012-11-26 10:16 - 00000000 ____D C:\Users\BryantKeefe\Documents\FairwayStuff

2013-05-02 17:13 - 2012-11-23 13:56 - 00000000 ____D C:\Users\BryantKeefe\Documents\Outlook Files

2013-05-02 09:53 - 2012-11-19 10:56 - 00061304 ____A C:\Users\BryantKeefe\g2mdlhlpx.exe

2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics

2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics

2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts

2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics

2013-04-30 10:27 - 2012-11-11 04:31 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Mozilla

2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales

2013-04-29 12:41 - 2011-11-15 12:41 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-04-25 06:40 - 2012-11-27 16:05 - 00000000 ____D C:\Program Files\MozyHome

2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics

2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics

2013-04-23 05:58 - 2011-07-28 15:35 - 00000000 ____D C:\ProgramData\Adobe

2013-04-23 05:57 - 2012-11-12 04:18 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-04-23 05:57 - 2012-02-20 17:39 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip

2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv

2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx

2013-04-19 12:08 - 2013-04-19 12:07 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip

2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip

2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv

2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv

2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv

2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv

2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv

2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv

2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv

2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv

2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv

2013-04-18 15:33 - 2013-04-18 15:31 - 00029549 ____A C:\Users\BryantKeefe\Downloads\MedicalMastery.csv

2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv

2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv

2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics

2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv

2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv

2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html

2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html

2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls

2013-04-13 06:40 - 2009-07-13 21:08 - 00032586 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-04-13 06:39 - 2012-11-11 04:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-04-12 06:45 - 2013-04-24 03:17 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-04-11 04:59 - 2011-07-28 16:04 - 00002183 ____A C:\Users\Public\Desktop\Internet Browser.lnk

2013-04-10 05:52 - 2009-07-13 20:45 - 00366616 ____A C:\Windows\System32\FNTCACHE.DAT

2013-04-10 01:04 - 2011-11-15 08:16 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-04-10 01:02 - 2012-11-23 13:14 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-04-09 11:47 - 2013-03-26 07:20 - 00000000 ____D C:\Users\BryantKeefe\Documents\100Calls

2013-04-09 07:38 - 2012-11-10 16:55 - 00000000 ____D C:\users\BryantKeefe

2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp

2013-04-06 01:23 - 2011-11-15 12:41 - 00000000 ____D C:\ProgramData\Skype

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-04-17 17:08:30

Restore point made on: 2013-04-18 17:04:08

Restore point made on: 2013-04-24 05:29:09

Restore point made on: 2013-04-24 16:38:51

Restore point made on: 2013-04-25 06:40:07

Restore point made on: 2013-04-25 19:28:55

Restore point made on: 2013-04-26 16:48:27

Restore point made on: 2013-05-02 16:51:18

Restore point made on: 2013-05-03 10:11:49

Restore point made on: 2013-05-04 07:23:15

Restore point made on: 2013-05-05 05:56:28

==================== Memory info ===========================

Percentage of memory in use: 16%

Total physical RAM: 3686.11 MB

Available physical RAM: 3076.62 MB

Total Pagefile: 3684.31 MB

Available Pagefile: 3077.38 MB

Total Virtual: 8192 MB

Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:188.94 GB) (Free:41.46 GB) NTFS (Disk=0 Partition=2)

Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.17 GB) NTFS (Disk=0 Partition=4)

Drive g: () (Removable) (Total:0.25 GB) (Free:0.24 GB) FAT (Disk=1 Partition=1)

Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Drive y: () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 232 GB 1024 KB

Disk 1 Online 253 MB 0 B

Partitions of Disk 0:

===============

Disk ID: 7C037A3B

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 200 MB 1024 KB

Partition 2 Primary 188 GB 201 MB

Partition 0 Extended 28 GB 189 GB

Partition 4 Logical 28 GB 189 GB

Partition 3 OEM 14 GB 218 GB

==================================================================================

Disk: 0

Partition 1

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y NTFS Partition 200 MB Healthy

=========================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C NTFS Partition 188 GB Healthy

=========================================================

Disk: 0

Partition 4

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 D LENOVO NTFS Partition 28 GB Healthy

=========================================================

Disk: 0

Partition 3

Type : 12

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 5 LENOVO_PART NTFS Partition 14 GB Healthy Hidden

=========================================================

Partitions of Disk 1:

===============

Disk ID: 0D0C0B0A

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 252 MB 16 KB

==================================================================================

Disk: 1

Partition 1

Type : 06

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 G FAT Removable 252 MB Healthy

=========================================================

============================== MBR & Partition Table ==================

====================================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 7C037A3B)

Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=189 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)

Partition 4: (Not Active) - (Size=15 GB) - (Type=12)

====================================================================

Disk: 1 (Size: 253 MB) (Disk ID: 0D0C0B0A)

Partition 1: (Active) - (Size=253 MB) - (Type=06)

Last Boot: 2013-05-04 08:30

==================== End Of Log ============================

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open Notepad and select Paste). Save it on the flashdrive as fixlist.txt

HKU\BryantKeefe\...\Run: [RegistryKit v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [172200 2012-09-17] ()

HKU\BryantKeefe\...\Run: [RegistryKit Reminder v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [172200 2012-09-17] ()

C:\Program Files (x86)\Registry Kit

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options then select Command Prompt

Run FRST (or FRST64 if you have the 64bit version) and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Reboot Normally.

Link to post
Share on other sites
bryantkeefe

bryantkeefe

Posted
  • Author
Posted

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-05-2013 02

Ran by SYSTEM at 2013-05-06 10:08:00 Run:2

Running from G:\

Boot Mode: Recovery

==============================================

HKEY_USERS\BryantKeefe\Software\Microsoft\Windows\CurrentVersion\Run\\RegistryKit v2.0 => Value not found.

HKEY_USERS\BryantKeefe\Software\Microsoft\Windows\CurrentVersion\Run\\RegistryKit Reminder v2.0 => Value not found.

C:\Program Files (x86)\Registry Kit => Moved successfully.

==== End of Fixlog ====

Link to post
Share on other sites
bryantkeefe

bryantkeefe

Posted
  • Author
Posted

Not starting past black screen. New scan below:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2013 02

Ran by SYSTEM on 06-05-2013 10:14:58

Running from G:\

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Recovery

The current controlset is ControlSet002

ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2011-07-28] (Lenovo (Beijing) Limited)

HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-07-28] (Lenovo(beijing) Limited)

HKLM\...\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2011-07-28] (Lenovo)

HKLM\...\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)

HKLM\...\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [112512 2010-03-13] (Microsoft Corporation)

HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-09-04] (CANON INC.)

HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-15] (Synaptics Incorporated)

HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)

HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)

HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-05-25] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)

HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-07-28] (Lenovo)

HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)

HKLM-x32\...\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup [655360 2012-09-25] ()

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4394032 2013-03-13] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide [2793304 2009-10-14] ()

HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM-x32\...\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [228448 2011-01-28] (CyberLink Corp.)

HKLM-x32\...\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [136488 2011-01-28] (CyberLink)

HKLM-x32\...\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe /run [383344 2010-12-13] (Egis Technology Inc. )

HKLM-x32\...\Run: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)

HKLM-x32\...\Run: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [222504 2010-07-26] (CyberLink Corp.)

HKLM-x32\...\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [364400 2010-10-22] (Egis Technology Inc. )

HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)

HKLM-x32\...\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [202096 2010-11-05] (Egis Technology Inc.)

HKLM-x32\...\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [407920 2010-11-05] (Egis Technology Inc.)

HKU\BryantKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.)

HKU\BryantKeefe\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19357112 2013-03-07] (Google)

HKU\BryantKeefe\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com)

HKU\BryantKeefe\...\Run: [Google Update] "C:\Users\BryantKeefe\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-02-16] (Google Inc.)

HKU\BryantKeefe\...\Run: [GoogleChromeAutoLaunch_396D1C86E4D946F333C66A812C053E66] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window [1312720 2013-04-09] (Google Inc.)

HKU\BryantKeefe\...\Run: [ROC_ROC_APR2013_AV] C:\Users\BryantKeefe\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 52b1eb98523547d197972197b79054a5-0d1704d861aa73c8e370fa11febc830e50eae3e6 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x]

HKU\BryantKeefe\...\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [247768 2012-08-28] (TomTom)

HKU\BryantKeefe\...\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18643048 2013-02-28] (Skype Technologies S.A.)

HKU\BryantKeefe\...\Run: [RegistryKit v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [x]

HKU\BryantKeefe\...\Run: [RegistryKit Reminder v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [x]

HKU\EdwardKeefe\...\Run: [best Buy pc app] C:\Users\EdwardKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x]

HKU\EdwardKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.)

HKU\EdwardKeefe\...\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex [706776 2013-03-13] (Adobe Systems Incorporated)

Lsa: [Notification Packages] scecli

EgisPwdFilter

EgisDSPwdFilter

EgisPLPwdFilter

Startup: C:\ProgramData\Start Menu\Programs\Startup\MozyHome Status.lnk

ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)

Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk

ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

==================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-02-27] (AVG Technologies CZ, s.r.o.)

S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [282624 2013-02-19] (AVG Technologies CZ, s.r.o.)

S2 CxAudMsg; C:\windows\system32\CxAudMsg64.exe [198784 2010-12-17] (Conexant Systems Inc.)

S2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8498608 2012-04-10] (DisplayLink Corp.)

S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )

S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54672 2012-11-09] (Mozy, Inc.)

S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2012-04-13] ()

S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]

==================== Drivers (Whitelisted) ====================

S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-02-26] (AVG Technologies CZ, s.r.o.)

S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)

S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)

S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)

S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)

S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)

S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [239416 2013-02-14] (AVG Technologies CZ, s.r.o.)

S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys [17408 2012-11-11] (http://libusb-win32.sourceforge.net)

S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()

S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()

S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

S1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67368 2012-11-09] (Mozy, Inc.)

S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)

S3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)

S3 BcmSqlStartupSvc;

S1 BPntDrv; system32\drivers\BPntDrv.sys [x]

S2 CLKMSVC10_3A60B698;

S2 CLKMSVC10_C3B3B687;

S3 dfg; System32\DRIVERS\dfg.sys [x]

S2 DriverService;

S0 fbfmon; system32\drivers\fbfmon.sys [x]

S2 IAStorDataMgrSvc;

S2 iATAgentService;

S2 idealife Update Service;

S3 IGRS;

S2 IviRegMgr;

S2 nvUpdatusService;

S2 Oasis2Service;

S2 PCCarerService;

S2 ReadyComm.DirectRouter;

S2 RichVideo;

S2 RtLedService;

S2 SeaPort;

S2 SoftwareService;

S3 SQLWriter;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST

2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini

2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe

2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk

2013-05-05 14:51 - 2008-12-09 23:16 - 00023552 ____A (defrag Development Team) C:\Windows\SysWOW64\Drivers\dfg.sys

2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp

2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp

2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes

2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp

2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-05 07:48 - 2013-04-04 13:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle

2013-05-05 07:12 - 2013-05-05 12:01 - 00000000 ____D C:\Windows\pss

2013-05-05 04:48 - 2013-05-05 04:49 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp

2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics

2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics

2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts

2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics

2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales

2013-04-25 06:40 - 2012-11-09 09:56 - 00067368 ____A (Mozy, Inc.) C:\Windows\System32\Drivers\mozy.sys

2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics

2013-04-24 03:17 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics

2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip

2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv

2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx

2013-04-19 12:07 - 2013-04-19 12:08 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip

2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip

2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv

2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv

2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv

2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv

2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv

2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv

2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv

2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv

2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv

2013-04-18 15:31 - 2013-04-18 15:33 - 00029549 ____A C:\Users\BryantKeefe\Downloads\MedicalMastery.csv

2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv

2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv

2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics

2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv

2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv

2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html

2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html

2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls

2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-04-10 01:02 - 2013-02-21 22:57 - 17817088 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-04-10 01:02 - 2013-02-21 22:29 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-04-10 01:02 - 2013-02-21 22:27 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-04-10 01:02 - 2013-02-21 22:21 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-04-10 01:02 - 2013-02-21 22:20 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-04-10 01:02 - 2013-02-21 22:19 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-04-10 01:02 - 2013-02-21 22:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-04-10 01:02 - 2013-02-21 22:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-04-10 01:02 - 2013-02-21 22:15 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-04-10 01:02 - 2013-02-21 22:15 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-04-10 01:02 - 2013-02-21 22:15 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-04-10 01:02 - 2013-02-21 22:14 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-04-10 01:02 - 2013-02-21 22:13 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-04-10 01:02 - 2013-02-21 22:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-04-10 01:02 - 2013-02-21 22:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-04-10 01:02 - 2013-02-21 22:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-04-10 01:02 - 2013-02-21 20:05 - 12324352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-04-10 01:02 - 2013-02-21 19:47 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-04-10 01:02 - 2013-02-21 19:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-04-10 01:02 - 2013-02-21 19:38 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-04-10 01:02 - 2013-02-21 19:38 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-04-10 01:02 - 2013-02-21 19:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-04-10 01:02 - 2013-02-21 19:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-04-10 01:02 - 2013-02-21 19:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-04-10 01:02 - 2013-02-21 19:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-04-10 01:02 - 2013-02-21 19:34 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-04-10 01:02 - 2013-02-21 19:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-04-10 01:02 - 2013-02-21 19:33 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-04-10 01:02 - 2013-02-21 19:32 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-04-10 01:02 - 2013-02-21 19:31 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-04-10 01:02 - 2013-02-21 19:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-04-10 01:02 - 2013-02-21 19:28 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-04-09 23:58 - 2013-02-28 19:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2013-04-09 23:57 - 2013-02-14 22:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll

2013-04-09 23:57 - 2013-02-14 22:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll

2013-04-09 23:57 - 2013-02-14 22:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll

2013-04-09 23:57 - 2013-02-14 20:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2013-04-09 23:57 - 2013-02-14 20:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2013-04-09 23:57 - 2013-02-14 19:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2013-04-09 23:57 - 2013-01-23 22:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys

2013-04-09 23:56 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2013-04-09 23:56 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll

2013-04-09 23:56 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-04-09 23:56 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-04-09 23:56 - 2013-03-18 20:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2013-04-09 23:56 - 2013-03-18 19:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe

2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp

==================== One Month Modified Files and Folders =======

2013-05-06 09:09 - 2011-07-28 16:11 - 00110710 ____A C:\Windows\System32\fastboot.set

2013-05-06 09:09 - 2011-07-28 15:44 - 01863923 ____A C:\FaceProv.log

2013-05-06 09:09 - 2010-11-20 19:47 - 00095752 ____A C:\Windows\PFRO.log

2013-05-06 09:09 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-05-06 09:09 - 2009-07-13 20:51 - 00069822 ____A C:\Windows\setupact.log

2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST

2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini

2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe

2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk

2013-05-05 14:50 - 2009-07-13 21:13 - 00779306 ____A C:\Windows\System32\PerfStringBackup.INI

2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp

2013-05-05 14:45 - 2013-02-12 04:58 - 371745274 ____A C:\Windows\MEMORY.DMP

2013-05-05 14:45 - 2013-02-12 04:58 - 00000000 ____D C:\Windows\Minidump

2013-05-05 14:38 - 2011-07-28 14:57 - 01201659 ____A C:\Windows\WindowsUpdate.log

2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp

2013-05-05 12:01 - 2013-05-05 07:12 - 00000000 ____D C:\Windows\pss

2013-05-05 11:24 - 2011-07-28 16:04 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes

2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp

2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle

2013-05-05 07:43 - 2011-10-04 16:30 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Local\Google

2013-05-05 07:27 - 2013-02-10 11:48 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs

2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-05-05 07:18 - 2012-11-22 08:18 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\Htc

2013-05-05 07:18 - 2012-11-12 15:11 - 00000000 ___SD C:\Users\BryantKeefe\Google Drive

2013-05-05 07:16 - 2011-07-28 15:44 - 00000000 ____D C:\ProgramData\VeriFace

2013-05-05 07:03 - 2012-12-30 18:20 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\CrashDumps

2013-05-05 06:58 - 2011-07-28 16:04 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-05-05 06:46 - 2012-11-12 04:18 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-05-05 06:31 - 2013-03-05 13:20 - 00000932 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003UA.job

2013-05-05 05:57 - 2012-11-09 09:56 - 00006372 ____A C:\Windows\mozy.flt

2013-05-05 05:57 - 2012-11-09 09:56 - 00005256 ____A C:\Windows\mozy.blk

2013-05-05 05:51 - 2012-11-18 15:58 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Skype

2013-05-05 04:49 - 2013-05-05 04:48 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp

2013-05-04 17:22 - 2012-02-20 17:45 - 00000000 ____D C:\ProgramData\MFAData

2013-05-04 17:04 - 2013-03-05 13:20 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003Core.job

2013-05-03 10:59 - 2012-11-26 10:16 - 00000000 ____D C:\Users\BryantKeefe\Documents\FairwayStuff

2013-05-02 17:13 - 2012-11-23 13:56 - 00000000 ____D C:\Users\BryantKeefe\Documents\Outlook Files

2013-05-02 09:53 - 2012-11-19 10:56 - 00061304 ____A C:\Users\BryantKeefe\g2mdlhlpx.exe

2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics

2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics

2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts

2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics

2013-04-30 10:27 - 2012-11-11 04:31 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Mozilla

2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales

2013-04-29 12:41 - 2011-11-15 12:41 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-04-25 06:40 - 2012-11-27 16:05 - 00000000 ____D C:\Program Files\MozyHome

2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics

2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics

2013-04-23 05:58 - 2011-07-28 15:35 - 00000000 ____D C:\ProgramData\Adobe

2013-04-23 05:57 - 2012-11-12 04:18 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-04-23 05:57 - 2012-02-20 17:39 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip

2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv

2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx

2013-04-19 12:08 - 2013-04-19 12:07 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip

2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip

2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv

2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv

2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv

2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv

2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv

2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv

2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv

2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv

2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv

2013-04-18 15:33 - 2013-04-18 15:31 - 00029549 ____A C:\Users\BryantKeefe\Downloads\MedicalMastery.csv

2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv

2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv

2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics

2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv

2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv

2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html

2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html

2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls

2013-04-13 06:40 - 2009-07-13 21:08 - 00032586 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-04-13 06:39 - 2012-11-11 04:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-04-12 06:45 - 2013-04-24 03:17 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-04-11 04:59 - 2011-07-28 16:04 - 00002183 ____A C:\Users\Public\Desktop\Internet Browser.lnk

2013-04-10 05:52 - 2009-07-13 20:45 - 00366616 ____A C:\Windows\System32\FNTCACHE.DAT

2013-04-10 01:04 - 2011-11-15 08:16 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-04-10 01:02 - 2012-11-23 13:14 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-04-09 11:47 - 2013-03-26 07:20 - 00000000 ____D C:\Users\BryantKeefe\Documents\100Calls

2013-04-09 07:38 - 2012-11-10 16:55 - 00000000 ____D C:\users\BryantKeefe

2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp

2013-04-06 01:23 - 2011-11-15 12:41 - 00000000 ____D C:\ProgramData\Skype

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-04-17 17:08:30

Restore point made on: 2013-04-18 17:04:08

Restore point made on: 2013-04-24 05:29:09

Restore point made on: 2013-04-24 16:38:51

Restore point made on: 2013-04-25 06:40:07

Restore point made on: 2013-04-25 19:28:55

Restore point made on: 2013-04-26 16:48:27

Restore point made on: 2013-05-02 16:51:18

Restore point made on: 2013-05-03 10:11:49

Restore point made on: 2013-05-04 07:23:15

Restore point made on: 2013-05-05 05:56:28

==================== Memory info ===========================

Percentage of memory in use: 16%

Total physical RAM: 3686.11 MB

Available physical RAM: 3077.16 MB

Total Pagefile: 3684.31 MB

Available Pagefile: 3077.75 MB

Total Virtual: 8192 MB

Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:188.94 GB) (Free:41.46 GB) NTFS (Disk=0 Partition=2)

Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.17 GB) NTFS (Disk=0 Partition=4)

Drive g: () (Removable) (Total:0.25 GB) (Free:0.24 GB) FAT (Disk=1 Partition=1)

Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Drive y: () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 232 GB 1024 KB

Disk 1 Online 253 MB 0 B

Partitions of Disk 0:

===============

Disk ID: 7C037A3B

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 200 MB 1024 KB

Partition 2 Primary 188 GB 201 MB

Partition 0 Extended 28 GB 189 GB

Partition 4 Logical 28 GB 189 GB

Partition 3 OEM 14 GB 218 GB

==================================================================================

Disk: 0

Partition 1

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y NTFS Partition 200 MB Healthy

=========================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C NTFS Partition 188 GB Healthy

=========================================================

Disk: 0

Partition 4

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 D LENOVO NTFS Partition 28 GB Healthy

=========================================================

Disk: 0

Partition 3

Type : 12

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 5 LENOVO_PART NTFS Partition 14 GB Healthy Hidden

=========================================================

Partitions of Disk 1:

===============

Disk ID: 0D0C0B0A

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 252 MB 16 KB

==================================================================================

Disk: 1

Partition 1

Type : 06

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 G FAT Removable 252 MB Healthy

=========================================================

============================== MBR & Partition Table ==================

====================================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 7C037A3B)

Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=189 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)

Partition 4: (Not Active) - (Size=15 GB) - (Type=12)

====================================================================

Disk: 1 (Size: 253 MB) (Disk ID: 0D0C0B0A)

Partition 1: (Active) - (Size=253 MB) - (Type=06)

Last Boot: 2013-05-04 08:30

==================== End Of Log ============================

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open Notepad and select Paste). Save it on the flashdrive as fixlist.txt

HKU\BryantKeefe\...\Run: [RegistryKit v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [x]

HKU\BryantKeefe\...\Run: [RegistryKit Reminder v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [x]

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options then select Command Prompt

Run FRST (or FRST64 if you have the 64bit version) and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Reboot Normally.

Link to post
Share on other sites
bryantkeefe

bryantkeefe

Posted
  • Author
Posted

Rebooting now

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-05-2013 02

Ran by SYSTEM at 2013-05-06 12:27:30 Run:3

Running from G:\

Boot Mode: Recovery

==============================================

HKEY_USERS\BryantKeefe\Software\Microsoft\Windows\CurrentVersion\Run\\RegistryKit v2.0 => Value not found.

HKEY_USERS\BryantKeefe\Software\Microsoft\Windows\CurrentVersion\Run\\RegistryKit Reminder v2.0 => Value not found.

==== End of Fixlog ====

Link to post
Share on other sites
bryantkeefe

bryantkeefe

Posted
  • Author
Posted

Still going to black with cursor only. Log below.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2013 02

Ran by SYSTEM on 06-05-2013 12:35:51

Running from G:\

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Recovery

The current controlset is ControlSet002

ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2011-07-28] (Lenovo (Beijing) Limited)

HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-07-28] (Lenovo(beijing) Limited)

HKLM\...\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2011-07-28] (Lenovo)

HKLM\...\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)

HKLM\...\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [112512 2010-03-13] (Microsoft Corporation)

HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-09-04] (CANON INC.)

HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-15] (Synaptics Incorporated)

HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)

HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)

HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-05-25] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)

HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-07-28] (Lenovo)

HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)

HKLM-x32\...\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup [655360 2012-09-25] ()

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4394032 2013-03-13] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide [2793304 2009-10-14] ()

HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM-x32\...\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [228448 2011-01-28] (CyberLink Corp.)

HKLM-x32\...\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [136488 2011-01-28] (CyberLink)

HKLM-x32\...\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe /run [383344 2010-12-13] (Egis Technology Inc. )

HKLM-x32\...\Run: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)

HKLM-x32\...\Run: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [222504 2010-07-26] (CyberLink Corp.)

HKLM-x32\...\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [364400 2010-10-22] (Egis Technology Inc. )

HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)

HKLM-x32\...\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [202096 2010-11-05] (Egis Technology Inc.)

HKLM-x32\...\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [407920 2010-11-05] (Egis Technology Inc.)

HKU\BryantKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.)

HKU\BryantKeefe\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19357112 2013-03-07] (Google)

HKU\BryantKeefe\...\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com)

HKU\BryantKeefe\...\Run: [Google Update] "C:\Users\BryantKeefe\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-02-16] (Google Inc.)

HKU\BryantKeefe\...\Run: [GoogleChromeAutoLaunch_396D1C86E4D946F333C66A812C053E66] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window [1312720 2013-04-09] (Google Inc.)

HKU\BryantKeefe\...\Run: [ROC_ROC_APR2013_AV] C:\Users\BryantKeefe\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 52b1eb98523547d197972197b79054a5-0d1704d861aa73c8e370fa11febc830e50eae3e6 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013 [x]

HKU\BryantKeefe\...\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [247768 2012-08-28] (TomTom)

HKU\BryantKeefe\...\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18643048 2013-02-28] (Skype Technologies S.A.)

HKU\BryantKeefe\...\Run: [RegistryKit v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [x]

HKU\BryantKeefe\...\Run: [RegistryKit Reminder v2.0] "C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe" [x]

HKU\EdwardKeefe\...\Run: [best Buy pc app] C:\Users\EdwardKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x]

HKU\EdwardKeefe\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-07-28] (Google Inc.)

HKU\EdwardKeefe\...\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex [706776 2013-03-13] (Adobe Systems Incorporated)

Lsa: [Notification Packages] scecli

EgisPwdFilter

EgisDSPwdFilter

EgisPLPwdFilter

Startup: C:\ProgramData\Start Menu\Programs\Startup\MozyHome Status.lnk

ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)

Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\BryantKeefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk

ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)

==================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-02-27] (AVG Technologies CZ, s.r.o.)

S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [282624 2013-02-19] (AVG Technologies CZ, s.r.o.)

S2 CxAudMsg; C:\windows\system32\CxAudMsg64.exe [198784 2010-12-17] (Conexant Systems Inc.)

S2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8498608 2012-04-10] (DisplayLink Corp.)

S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )

S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54672 2012-11-09] (Mozy, Inc.)

S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2012-04-13] ()

S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]

==================== Drivers (Whitelisted) ====================

S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-02-26] (AVG Technologies CZ, s.r.o.)

S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)

S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)

S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)

S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)

S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)

S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [239416 2013-02-14] (AVG Technologies CZ, s.r.o.)

S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys [17408 2012-11-11] (http://libusb-win32.sourceforge.net)

S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()

S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()

S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

S1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67368 2012-11-09] (Mozy, Inc.)

S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)

S3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)

S3 BcmSqlStartupSvc;

S1 BPntDrv; system32\drivers\BPntDrv.sys [x]

S2 CLKMSVC10_3A60B698;

S2 CLKMSVC10_C3B3B687;

S3 dfg; System32\DRIVERS\dfg.sys [x]

S2 DriverService;

S0 fbfmon; system32\drivers\fbfmon.sys [x]

S2 IAStorDataMgrSvc;

S2 iATAgentService;

S2 idealife Update Service;

S3 IGRS;

S2 IviRegMgr;

S2 nvUpdatusService;

S2 Oasis2Service;

S2 PCCarerService;

S2 ReadyComm.DirectRouter;

S2 RichVideo;

S2 RtLedService;

S2 SeaPort;

S2 SoftwareService;

S3 SQLWriter;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST

2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini

2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe

2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk

2013-05-05 14:51 - 2008-12-09 23:16 - 00023552 ____A (defrag Development Team) C:\Windows\SysWOW64\Drivers\dfg.sys

2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp

2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp

2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes

2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp

2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-05 07:48 - 2013-04-04 13:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle

2013-05-05 07:12 - 2013-05-05 12:01 - 00000000 ____D C:\Windows\pss

2013-05-05 04:48 - 2013-05-05 04:49 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp

2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics

2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics

2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts

2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics

2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales

2013-04-25 06:40 - 2012-11-09 09:56 - 00067368 ____A (Mozy, Inc.) C:\Windows\System32\Drivers\mozy.sys

2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics

2013-04-24 03:17 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics

2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip

2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv

2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx

2013-04-19 12:07 - 2013-04-19 12:08 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip

2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip

2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv

2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv

2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv

2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv

2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv

2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv

2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv

2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv

2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv

2013-04-18 15:31 - 2013-04-18 15:33 - 00029549 ____A C:\Users\BryantKeefe\Downloads\MedicalMastery.csv

2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv

2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv

2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics

2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv

2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv

2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html

2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html

2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls

2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-04-10 01:02 - 2013-02-21 22:57 - 17817088 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-04-10 01:02 - 2013-02-21 22:29 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-04-10 01:02 - 2013-02-21 22:27 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-04-10 01:02 - 2013-02-21 22:21 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-04-10 01:02 - 2013-02-21 22:20 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-04-10 01:02 - 2013-02-21 22:19 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-04-10 01:02 - 2013-02-21 22:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-04-10 01:02 - 2013-02-21 22:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-04-10 01:02 - 2013-02-21 22:15 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-04-10 01:02 - 2013-02-21 22:15 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-04-10 01:02 - 2013-02-21 22:15 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-04-10 01:02 - 2013-02-21 22:14 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-04-10 01:02 - 2013-02-21 22:13 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-04-10 01:02 - 2013-02-21 22:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-04-10 01:02 - 2013-02-21 22:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-04-10 01:02 - 2013-02-21 22:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-04-10 01:02 - 2013-02-21 20:05 - 12324352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-04-10 01:02 - 2013-02-21 19:47 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-04-10 01:02 - 2013-02-21 19:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-04-10 01:02 - 2013-02-21 19:38 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-04-10 01:02 - 2013-02-21 19:38 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-04-10 01:02 - 2013-02-21 19:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-04-10 01:02 - 2013-02-21 19:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-04-10 01:02 - 2013-02-21 19:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-04-10 01:02 - 2013-02-21 19:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-04-10 01:02 - 2013-02-21 19:34 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-04-10 01:02 - 2013-02-21 19:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-04-10 01:02 - 2013-02-21 19:33 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-04-10 01:02 - 2013-02-21 19:32 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-04-10 01:02 - 2013-02-21 19:31 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-04-10 01:02 - 2013-02-21 19:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-04-10 01:02 - 2013-02-21 19:28 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-04-09 23:58 - 2013-02-28 19:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2013-04-09 23:57 - 2013-02-14 22:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll

2013-04-09 23:57 - 2013-02-14 22:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll

2013-04-09 23:57 - 2013-02-14 22:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll

2013-04-09 23:57 - 2013-02-14 20:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2013-04-09 23:57 - 2013-02-14 20:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2013-04-09 23:57 - 2013-02-14 19:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2013-04-09 23:57 - 2013-01-23 22:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys

2013-04-09 23:56 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2013-04-09 23:56 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll

2013-04-09 23:56 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-04-09 23:56 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-04-09 23:56 - 2013-03-18 20:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2013-04-09 23:56 - 2013-03-18 19:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe

2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp

==================== One Month Modified Files and Folders =======

2013-05-06 11:30 - 2011-07-28 16:04 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-05-06 11:29 - 2011-07-28 16:11 - 00096884 ____A C:\Windows\System32\fastboot.set

2013-05-06 11:29 - 2011-07-28 15:44 - 01866105 ____A C:\FaceProv.log

2013-05-06 11:29 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-05-06 11:29 - 2009-07-13 20:51 - 00069878 ____A C:\Windows\setupact.log

2013-05-06 11:28 - 2010-11-20 19:47 - 00096046 ____A C:\Windows\PFRO.log

2013-05-06 08:04 - 2013-05-06 08:04 - 00000000 ____D C:\FRST

2013-05-05 14:55 - 2013-05-05 14:55 - 00000586 ____A C:\Windows\RegistryKit.ini

2013-05-05 14:51 - 2013-05-05 14:51 - 06187024 ____A (RegistryKit.com ) C:\Users\BryantKeefe\Downloads\RegistryKitSetup.exe

2013-05-05 14:51 - 2013-05-05 14:51 - 00001078 ____A C:\Users\BryantKeefe\Desktop\Registry Kit.lnk

2013-05-05 14:50 - 2009-07-13 21:13 - 00779306 ____A C:\Windows\System32\PerfStringBackup.INI

2013-05-05 14:45 - 2013-05-05 14:45 - 00270840 ____A C:\Windows\Minidump\050513-28797-01.dmp

2013-05-05 14:45 - 2013-02-12 04:58 - 371745274 ____A C:\Windows\MEMORY.DMP

2013-05-05 14:45 - 2013-02-12 04:58 - 00000000 ____D C:\Windows\Minidump

2013-05-05 14:38 - 2011-07-28 14:57 - 01201659 ____A C:\Windows\WindowsUpdate.log

2013-05-05 14:07 - 2013-05-05 14:07 - 00270840 ____A C:\Windows\Minidump\050513-56815-01.dmp

2013-05-05 12:01 - 2013-05-05 07:12 - 00000000 ____D C:\Windows\pss

2013-05-05 09:45 - 2013-05-05 09:45 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Malwarebytes

2013-05-05 09:41 - 2013-05-05 09:41 - 00270784 ____A C:\Windows\Minidump\050513-95285-01.dmp

2013-05-05 07:48 - 2013-05-05 07:48 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Roaming\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-05-05 07:48 - 2013-05-05 07:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-05 07:43 - 2013-05-05 07:43 - 00000000 ____D C:\Users\EdwardKeefe\AppData\LocalGoogle

2013-05-05 07:43 - 2011-10-04 16:30 - 00000000 ____D C:\Users\EdwardKeefe\AppData\Local\Google

2013-05-05 07:27 - 2013-02-10 11:48 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs

2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-05-05 07:26 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-05-05 07:18 - 2012-11-22 08:18 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\Htc

2013-05-05 07:18 - 2012-11-12 15:11 - 00000000 ___SD C:\Users\BryantKeefe\Google Drive

2013-05-05 07:16 - 2011-07-28 15:44 - 00000000 ____D C:\ProgramData\VeriFace

2013-05-05 07:03 - 2012-12-30 18:20 - 00000000 ____D C:\Users\BryantKeefe\AppData\Local\CrashDumps

2013-05-05 06:58 - 2011-07-28 16:04 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-05-05 06:46 - 2012-11-12 04:18 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-05-05 06:31 - 2013-03-05 13:20 - 00000932 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003UA.job

2013-05-05 05:57 - 2012-11-09 09:56 - 00006372 ____A C:\Windows\mozy.flt

2013-05-05 05:57 - 2012-11-09 09:56 - 00005256 ____A C:\Windows\mozy.blk

2013-05-05 05:51 - 2012-11-18 15:58 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Skype

2013-05-05 04:49 - 2013-05-05 04:48 - 00275080 ____A C:\Windows\Minidump\050513-55941-01.dmp

2013-05-04 17:22 - 2012-02-20 17:45 - 00000000 ____D C:\ProgramData\MFAData

2013-05-04 17:04 - 2013-03-05 13:20 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1358203560-3625939249-3527256020-1003Core.job

2013-05-03 10:59 - 2012-11-26 10:16 - 00000000 ____D C:\Users\BryantKeefe\Documents\FairwayStuff

2013-05-02 17:13 - 2012-11-23 13:56 - 00000000 ____D C:\Users\BryantKeefe\Documents\Outlook Files

2013-05-02 09:53 - 2012-11-19 10:56 - 00061304 ____A C:\Users\BryantKeefe\g2mdlhlpx.exe

2013-05-02 09:13 - 2013-05-02 09:13 - 00001471 ____A C:\Users\BryantKeefe\Downloads\webinar (3).ics

2013-05-02 09:12 - 2013-05-02 09:12 - 00001481 ____A C:\Users\BryantKeefe\Downloads\webinar.ics

2013-05-02 08:29 - 2013-05-02 08:29 - 00000000 ____D C:\Users\BryantKeefe\Documents\Recruiting Scripts

2013-05-01 07:18 - 2013-05-01 07:18 - 00001522 ____A C:\Users\BryantKeefe\Downloads\webinar(1).ics

2013-04-30 10:27 - 2012-11-11 04:31 - 00000000 ____D C:\Users\BryantKeefe\AppData\Roaming\Mozilla

2013-04-30 07:51 - 2013-04-30 07:51 - 00000000 ____D C:\Users\BryantKeefe\Documents\NetworkSales

2013-04-29 12:41 - 2011-11-15 12:41 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-04-25 06:40 - 2012-11-27 16:05 - 00000000 ____D C:\Program Files\MozyHome

2013-04-24 05:15 - 2013-04-24 05:15 - 00001472 ____A C:\Users\BryantKeefe\Downloads\webinar (2).ics

2013-04-23 11:03 - 2013-04-23 11:03 - 00005621 ____A C:\Users\BryantKeefe\Downloads\STARTING IN 15 MINUTES - How To Rank #1 On Google In Mere Minutes (Yes - It Only Takes A Couple Of Minutes) - With Jerome.ics

2013-04-23 05:58 - 2011-07-28 15:35 - 00000000 ____D C:\ProgramData\Adobe

2013-04-23 05:57 - 2012-11-12 04:18 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-04-23 05:57 - 2012-02-20 17:39 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-04-20 15:45 - 2013-04-20 15:45 - 01504578 ____A C:\Users\BryantKeefe\Downloads\MortgageDeceptionMRR0213.zip

2013-04-19 16:55 - 2013-04-19 16:55 - 00025646 ____A C:\Users\BryantKeefe\Downloads\OfflineUnderground.csv

2013-04-19 16:15 - 2013-04-19 16:15 - 00118149 ____A C:\Users\BryantKeefe\Desktop\wmpChrome.crx

2013-04-19 12:08 - 2013-04-19 12:07 - 22879949 ____A C:\Users\BryantKeefe\Downloads\48HourClientVideo.zip

2013-04-19 12:07 - 2013-04-19 12:07 - 00501483 ____A C:\Users\BryantKeefe\Downloads\48HourClientTemplate.zip

2013-04-18 16:15 - 2013-04-18 16:15 - 00025258 ____A C:\Users\BryantKeefe\Downloads\LocalWebArsenal.csv

2013-04-18 16:02 - 2013-04-18 16:02 - 00258196 ____A C:\Users\BryantKeefe\Downloads\ListbuildingClub.csv

2013-04-18 15:58 - 2013-04-18 15:58 - 00024496 ____A C:\Users\BryantKeefe\Downloads\TucsonHelpingTucson.csv

2013-04-18 15:57 - 2013-04-18 15:57 - 00059769 ____A C:\Users\BryantKeefe\Downloads\WordPress4Biz.csv

2013-04-18 15:55 - 2013-04-18 15:55 - 00079746 ____A C:\Users\BryantKeefe\Downloads\ViralSocialCrusher.csv

2013-04-18 15:47 - 2013-04-18 15:47 - 00077300 ____A C:\Users\BryantKeefe\Downloads\OfficialJVZoo.csv

2013-04-18 15:39 - 2013-04-18 15:39 - 00016103 ____A C:\Users\BryantKeefe\Downloads\SocialSuccessMastermind.csv

2013-04-18 15:38 - 2013-04-18 15:38 - 00031565 ____A C:\Users\BryantKeefe\Downloads\StefanisOffline.csv

2013-04-18 15:36 - 2013-04-18 15:36 - 00058096 ____A C:\Users\BryantKeefe\Downloads\SNAMembers.csv

2013-04-18 15:33 - 2013-04-18 15:31 - 00029549 ____A C:\Users\BryantKeefe\Downloads\MedicalMastery.csv

2013-04-18 15:28 - 2013-04-18 15:28 - 00095637 ____A C:\Users\BryantKeefe\Downloads\SocialMediaMgrs.csv

2013-04-18 15:26 - 2013-04-18 15:26 - 00078879 ____A C:\Users\BryantKeefe\Downloads\SqueezeMobi.csv

2013-04-18 13:54 - 2013-04-18 13:54 - 00001628 ____A C:\Users\BryantKeefe\Downloads\webinar (1).ics

2013-04-18 12:31 - 2013-04-18 12:31 - 00000820 ____A C:\Users\BryantKeefe\Downloads\69407748014.csv

2013-04-18 12:27 - 2013-04-18 12:27 - 00000065 ____A C:\Users\BryantKeefe\Downloads\26603588115.csv

2013-04-18 05:44 - 2013-04-18 05:44 - 00000053 ____A C:\Users\BryantKeefe\Downloads\google111c6946baae8912.html

2013-04-17 16:18 - 2013-04-17 16:18 - 00007749 ____A C:\Users\BryantKeefe\Downloads\pinterest-4b6c8.html

2013-04-15 14:48 - 2013-04-15 14:48 - 00185344 ____A C:\Users\BryantKeefe\Downloads\Top Investors by Monthly Volume - Mar 2013.xls

2013-04-13 06:40 - 2009-07-13 21:08 - 00032586 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-04-13 06:39 - 2012-11-11 04:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-04-12 06:45 - 2013-04-24 03:17 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2013-04-12 06:41 - 2013-04-12 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-04-11 04:59 - 2011-07-28 16:04 - 00002183 ____A C:\Users\Public\Desktop\Internet Browser.lnk

2013-04-10 05:52 - 2009-07-13 20:45 - 00366616 ____A C:\Windows\System32\FNTCACHE.DAT

2013-04-10 01:04 - 2011-11-15 08:16 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-04-10 01:02 - 2012-11-23 13:14 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-04-09 11:47 - 2013-03-26 07:20 - 00000000 ____D C:\Users\BryantKeefe\Documents\100Calls

2013-04-09 07:38 - 2012-11-10 16:55 - 00000000 ____D C:\users\BryantKeefe

2013-04-09 07:37 - 2013-04-09 07:37 - 00275080 ____A C:\Windows\Minidump\040913-72852-01.dmp

2013-04-06 01:23 - 2011-11-15 12:41 - 00000000 ____D C:\ProgramData\Skype

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-04-17 17:08:30

Restore point made on: 2013-04-18 17:04:08

Restore point made on: 2013-04-24 05:29:09

Restore point made on: 2013-04-24 16:38:51

Restore point made on: 2013-04-25 06:40:07

Restore point made on: 2013-04-25 19:28:55

Restore point made on: 2013-04-26 16:48:27

Restore point made on: 2013-05-02 16:51:18

Restore point made on: 2013-05-03 10:11:49

Restore point made on: 2013-05-04 07:23:15

Restore point made on: 2013-05-05 05:56:28

==================== Memory info ===========================

Percentage of memory in use: 16%

Total physical RAM: 3686.11 MB

Available physical RAM: 3077.71 MB

Total Pagefile: 3684.31 MB

Available Pagefile: 3078.45 MB

Total Virtual: 8192 MB

Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:188.94 GB) (Free:41.46 GB) NTFS (Disk=0 Partition=2)

Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.17 GB) NTFS (Disk=0 Partition=4)

Drive g: () (Removable) (Total:0.25 GB) (Free:0.24 GB) FAT (Disk=1 Partition=1)

Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Drive y: () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 232 GB 1024 KB

Disk 1 Online 253 MB 0 B

Partitions of Disk 0:

===============

Disk ID: 7C037A3B

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 200 MB 1024 KB

Partition 2 Primary 188 GB 201 MB

Partition 0 Extended 28 GB 189 GB

Partition 4 Logical 28 GB 189 GB

Partition 3 OEM 14 GB 218 GB

==================================================================================

Disk: 0

Partition 1

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y NTFS Partition 200 MB Healthy

=========================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C NTFS Partition 188 GB Healthy

=========================================================

Disk: 0

Partition 4

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 D LENOVO NTFS Partition 28 GB Healthy

=========================================================

Disk: 0

Partition 3

Type : 12

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 5 LENOVO_PART NTFS Partition 14 GB Healthy Hidden

=========================================================

Partitions of Disk 1:

===============

Disk ID: 0D0C0B0A

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 252 MB 16 KB

==================================================================================

Disk: 1

Partition 1

Type : 06

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 G FAT Removable 252 MB Healthy

=========================================================

============================== MBR & Partition Table ==================

====================================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 7C037A3B)

Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=189 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)

Partition 4: (Not Active) - (Size=15 GB) - (Type=12)

====================================================================

Disk: 1 (Size: 253 MB) (Disk ID: 0D0C0B0A)

Partition 1: (Active) - (Size=253 MB) - (Type=06)

Last Boot: 2013-05-04 08:30

==================== End Of Log ============================

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.