Hi, and thank you for your response. Here is the scan:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014
Ran by SYSTEM on MININT-CRK9LEE on 27-04-2014 14:53:08
Running from I:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [16395880 2009-11-28] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1814312 2009-08-14] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610872 2009-08-25] ()
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [kmw_run.exe] => kmw_run.exe
HKLM-x32\...\Run: [MSWheel] => [X]
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [534160 2013-03-26] (QFX Software Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2544664 2014-03-23] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
Startup: C:\Users\jmacbeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
==================== Services (Whitelisted) =================
S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
S2 NCO; C:\Program Files (x86)\Norton Safe Web Lite\Engine\2014.7.0.43\NST.exe [130104 2014-03-11] (Symantec Corporation)
S2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120 2014-03-30] (Trusteer Ltd.)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S2 vToolbarUpdater15.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [990896 2013-04-02] ()
S2 vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [1771032 2014-03-23] (AVG Secure Search)
==================== Drivers (Whitelisted) ====================
S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-23] (AVG Technologies)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
S3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222232 2013-03-26] (QFX Software Corporation)
S3 KMW_KBD; C:\Windows\SysWOW64\DRIVERS\KMW_KBD.sys [5248 2003-12-01] (Kensington Technology Group)
S1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [606672 2013-10-26] ()
S1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [282968 2014-03-30] (Trusteer Ltd.)
S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [236248 2013-04-02] (Trusteer Ltd.)
S1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [397848 2014-03-30] (Trusteer Ltd.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 eabfiltr;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-27 13:37 - 2014-04-27 14:53 - 00000000 ____D () C:\FRST
2014-04-27 13:36 - 2014-04-27 13:36 - 02061824 _____ (Farbar) C:\Users\jmacbeth\Downloads\FRST64.exe
2014-04-24 21:14 - 2014-04-24 21:14 - 00000000 ____D () C:\Users\TEMP.jmacbeth-PC\AppData\Roaming\SUPERAntiSpyware.com
2014-04-24 21:14 - 2014-04-24 21:14 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-04-24 21:14 - 2014-04-24 21:14 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-24 18:41 - 2014-04-24 21:05 - 00000000 ____D () C:\VIPRERESCUE
2014-04-24 18:41 - 2013-09-04 13:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\System32\Drivers\gfiutil.sys
2014-04-24 18:41 - 2013-05-23 07:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\System32\Drivers\gfiark.sys
2014-04-24 18:10 - 2014-04-24 18:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-04-24 18:10 - 2014-04-24 18:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-24 18:10 - 2014-04-03 08:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-04-24 18:10 - 2014-04-03 08:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2014-04-24 18:00 - 2014-04-24 18:00 - 00003254 _____ () C:\Windows\System32\Tasks\{B5F94EC1-A48C-44F8-87D5-D242D56492B1}
2014-04-24 17:47 - 2014-04-24 21:36 - 00000000 ____D () C:\users\TEMP.jmacbeth-PC
2014-04-22 21:47 - 2014-03-06 00:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-04-22 21:47 - 2014-03-05 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-22 21:46 - 2014-03-06 02:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-04-22 21:46 - 2014-03-06 01:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-04-22 21:46 - 2014-03-06 01:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-04-22 21:46 - 2014-03-06 01:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-22 21:46 - 2014-03-06 00:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-04-22 21:46 - 2014-03-06 00:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-04-22 21:46 - 2014-03-06 00:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-04-22 21:46 - 2014-03-06 00:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-04-22 21:46 - 2014-03-06 00:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-04-22 21:46 - 2014-03-06 00:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-04-22 21:46 - 2014-03-06 00:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-22 21:46 - 2014-03-06 00:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-04-22 21:46 - 2014-03-06 00:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-04-22 21:46 - 2014-03-06 00:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-04-22 21:46 - 2014-03-06 00:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-04-22 21:46 - 2014-03-06 00:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-04-22 21:46 - 2014-03-06 00:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-04-22 21:46 - 2014-03-06 00:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-04-22 21:46 - 2014-03-06 00:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-22 21:46 - 2014-03-06 00:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-22 21:46 - 2014-03-06 00:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-22 21:46 - 2014-03-05 23:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-04-22 21:46 - 2014-03-05 23:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-04-22 21:46 - 2014-03-05 23:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-22 21:46 - 2014-03-05 23:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-22 21:46 - 2014-03-05 23:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-22 21:46 - 2014-03-05 23:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-22 21:46 - 2014-03-05 23:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-04-22 21:46 - 2014-03-05 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-22 21:46 - 2014-03-05 23:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-22 21:46 - 2014-03-05 23:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-22 21:46 - 2014-03-05 23:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-04-22 21:46 - 2014-03-05 23:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-22 21:46 - 2014-03-05 23:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-04-22 21:46 - 2014-03-05 23:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-22 21:46 - 2014-03-05 23:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-22 21:46 - 2014-03-05 22:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-04-22 21:46 - 2014-03-05 22:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-22 21:46 - 2014-03-05 22:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-22 21:46 - 2014-03-05 22:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-22 21:46 - 2014-03-05 22:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-04-22 21:46 - 2014-03-05 21:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-04-22 21:46 - 2014-03-05 21:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-04-22 21:46 - 2014-03-05 21:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-22 21:46 - 2014-03-05 21:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-22 21:46 - 2014-03-05 21:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-22 17:38 - 2014-04-23 17:47 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForjmacbeth.job
2014-04-22 17:38 - 2014-04-22 17:52 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForjmacbeth
2014-04-18 14:01 - 2014-04-18 14:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgidsdrivera.sys
2014-04-08 19:49 - 2014-03-04 01:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-04-08 19:49 - 2014-03-04 01:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2014-04-08 19:49 - 2014-03-04 01:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2014-04-08 19:49 - 2014-03-04 01:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2014-04-08 19:49 - 2014-03-04 01:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2014-04-08 19:49 - 2014-03-04 01:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-08 19:49 - 2014-03-04 01:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-08 19:49 - 2014-03-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-08 19:49 - 2014-03-04 01:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-08 19:49 - 2014-03-04 00:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-08 19:49 - 2014-03-04 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-08 19:49 - 2014-02-03 18:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2014-04-08 19:49 - 2014-02-03 18:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2014-04-08 19:49 - 2014-02-03 18:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2014-04-08 19:49 - 2014-02-03 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\iologmsg.dll
2014-04-08 19:49 - 2014-02-03 18:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-08 19:45 - 2014-01-23 18:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-03-31 15:20 - 2014-03-31 15:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgtdia.sys
2014-03-31 15:06 - 2014-03-31 15:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgmfx64.sys
2014-03-30 14:56 - 2014-04-24 17:56 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-30 14:56 - 2014-03-30 14:56 - 00000000 ____D () C:\Users\jmacbeth\AppData\Roaming\AVG2014
2014-03-30 14:55 - 2014-03-30 14:56 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-30 14:55 - 2014-03-30 14:55 - 00000000 ___HD () C:\$AVG
2014-03-30 14:54 - 2014-03-30 14:54 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-03-30 14:48 - 2014-03-30 15:17 - 00000000 ____D () C:\Users\jmacbeth\AppData\Local\Avg2014
2014-03-30 14:48 - 2014-03-30 14:48 - 04471880 _____ (AVG Technologies) C:\Users\jmacbeth\Downloads\avg_free_stb_all_2014_4354_cnet.exe
2014-03-30 14:45 - 2014-03-30 14:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-30 12:21 - 2014-04-27 13:47 - 00000896 _____ () C:\Windows\setupact.log
2014-03-30 12:21 - 2014-04-26 15:16 - 00161930 _____ () C:\Windows\PFRO.log
2014-03-30 12:21 - 2014-03-30 12:21 - 00000000 _____ () C:\Windows\setuperr.log
==================== One Month Modified Files and Folders =======
2014-04-27 14:53 - 2014-04-27 13:37 - 00000000 ____D () C:\FRST
2014-04-27 13:48 - 2009-07-13 20:45 - 00023248 _____ () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-27 13:48 - 2009-07-13 20:45 - 00023248 _____ () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-27 13:47 - 2014-03-30 12:21 - 00000896 _____ () C:\Windows\setupact.log
2014-04-27 13:47 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-27 13:36 - 2014-04-27 13:36 - 02061824 _____ (Farbar) C:\Users\jmacbeth\Downloads\FRST64.exe
2014-04-26 15:37 - 2011-10-24 17:11 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-26 15:21 - 2011-10-24 17:11 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-26 15:16 - 2014-03-30 12:21 - 00161930 _____ () C:\Windows\PFRO.log
2014-04-26 15:16 - 2013-04-11 14:29 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-26 15:16 - 2013-04-01 13:30 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-24 21:36 - 2014-04-24 17:47 - 00000000 ____D () C:\users\TEMP.jmacbeth-PC
2014-04-24 21:36 - 2010-02-09 01:26 - 01933435 _____ () C:\Windows\WindowsUpdate.log
2014-04-24 21:14 - 2014-04-24 21:14 - 00000000 ____D () C:\Users\TEMP.jmacbeth-PC\AppData\Roaming\SUPERAntiSpyware.com
2014-04-24 21:14 - 2014-04-24 21:14 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-04-24 21:14 - 2014-04-24 21:14 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-04-24 21:05 - 2014-04-24 18:41 - 00000000 ____D () C:\VIPRERESCUE
2014-04-24 20:56 - 2012-04-27 13:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-24 18:10 - 2014-04-24 18:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-04-24 18:10 - 2014-04-24 18:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-24 18:10 - 2013-04-11 12:41 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-24 18:10 - 2013-04-01 17:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-24 18:03 - 2010-02-20 19:37 - 00000000 ____D () C:\users\jmacbeth
2014-04-24 18:00 - 2014-04-24 18:00 - 00003254 _____ () C:\Windows\System32\Tasks\{B5F94EC1-A48C-44F8-87D5-D242D56492B1}
2014-04-24 17:56 - 2014-03-30 14:56 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-23 20:34 - 2013-04-05 13:55 - 00775124 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-23 20:33 - 2009-07-13 21:13 - 00775124 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-23 17:47 - 2014-04-22 17:38 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForjmacbeth.job
2014-04-23 17:46 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-22 17:52 - 2014-04-22 17:38 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForjmacbeth
2014-04-22 17:51 - 2010-03-05 14:14 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-04-18 14:01 - 2014-04-18 14:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgidsdrivera.sys
2014-04-10 18:32 - 2013-04-11 12:45 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2014-04-08 21:30 - 2010-01-09 16:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-08 21:28 - 2013-08-14 10:49 - 00000000 ____D () C:\Windows\System32\MRT
2014-04-08 21:25 - 2010-03-07 21:09 - 90655440 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-04-08 19:29 - 2012-04-29 13:28 - 00000000 ____D () C:\Users\Public\Documents\RSIGuard
2014-04-08 19:29 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-08 19:22 - 2010-03-18 18:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-07 20:06 - 2012-04-29 13:31 - 00000000 ____D () C:\Users\jmacbeth\AppData\Roaming\RSIGuard
2014-04-07 19:03 - 2012-05-04 14:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-03 08:51 - 2014-04-24 18:10 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-04-03 08:51 - 2014-04-24 18:10 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2014-04-03 08:50 - 2013-04-11 12:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2014-03-31 15:20 - 2014-03-31 15:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgtdia.sys
2014-03-31 15:06 - 2014-03-31 15:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgmfx64.sys
2014-03-30 15:17 - 2014-03-30 14:48 - 00000000 ____D () C:\Users\jmacbeth\AppData\Local\Avg2014
2014-03-30 14:56 - 2014-03-30 14:56 - 00000000 ____D () C:\Users\jmacbeth\AppData\Roaming\AVG2014
2014-03-30 14:56 - 2014-03-30 14:55 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-30 14:55 - 2014-03-30 14:55 - 00000000 ___HD () C:\$AVG
2014-03-30 14:54 - 2014-03-30 14:54 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-03-30 14:51 - 2013-04-06 10:01 - 00000000 ____D () C:\Users\jmacbeth\Desktop\Temp Files
2014-03-30 14:48 - 2014-03-30 14:48 - 04471880 _____ (AVG Technologies) C:\Users\jmacbeth\Downloads\avg_free_stb_all_2014_4354_cnet.exe
2014-03-30 14:45 - 2014-03-30 14:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-30 14:34 - 2011-10-30 14:18 - 00000000 _____ () C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-30 12:26 - 2010-06-16 20:46 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-30 12:21 - 2014-03-30 12:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-30 09:07 - 2013-06-25 12:36 - 00000000 ____D () C:\Users\jmacbeth\AppData\Local\CrashDumps
2014-03-30 09:07 - 2010-04-03 14:39 - 00000000 ____D () C:\Windows\Minidump
2014-03-30 08:57 - 2014-03-23 14:15 - 00000000 ____D () C:\ProgramData\Amazon
2014-03-30 08:57 - 2010-01-09 15:07 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-29 14:02 - 2014-02-17 13:23 - 00000000 ____D () C:\Users\jmacbeth\Documents\TurboTax
2014-03-29 10:15 - 2011-10-24 17:11 - 00003898 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 10:15 - 2011-10-24 17:11 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 09:48 - 2013-06-14 18:26 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2014-03-30 12:25:47
Restore point made on: 2014-03-30 14:54:45
Restore point made on: 2014-03-30 14:55:26
Restore point made on: 2014-04-08 19:43:37
Restore point made on: 2014-04-08 21:23:59
Restore point made on: 2014-04-22 21:45:59
Restore point made on: 2014-04-23 20:33:04
Restore point made on: 2014-04-24 18:01:38
==================== Memory info ===========================
Percentage of memory in use: 11%
Total physical RAM: 8182.87 MB
Available physical RAM: 7245.54 MB
Total Pagefile: 8181.02 MB
Available Pagefile: 7238.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:452.2 GB) (Free:318.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (RECOVERY) (Fixed) (Total:13.27 GB) (Free:2.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive i: (512MB FLASH) (Removable) (Total:0.47 GB) (Free:0.19 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 094B8C03)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
========================================================
Disk: 1 (Size: 484 MB) (Disk ID: 00000000)
Partition: GPT Partition Type.
LastRegBack: 2014-04-22 19:43
==================== End Of Log ============================