My laptop was running a bit slow and had the blue screen of death once so I thought I would start scanning for virus's, etc. Ran AVG and everything was OK but when I ran Malwarebytes there was 31 infected files. It asked me to restart and now it wont load windows. It gets to the login screen but when I log in it goes to a black screen with a cursor and doesn't get past it. I ran a boot repair, windows repair, avg repair, scanned system files and all was well there. Nothing has been able to find anything. I ran Farbar. Below is the log file. Thanks to anyone who can help.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:19-12-2015
Ran by SYSTEM on MININT-EN46LLQ (19-12-2015 14:29:10)
Running from g:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [224352 2010-12-24] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-12-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-10-05] (Malwarebytes)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...26dfa299cadb\InprocServer32: [Authentication UI Logon UI] authuitu.dll <==== ATTENTION
HKU\Jeri Warner\...\Policies\system: [LogonHoursAction] 2
HKU\Jeri Warner\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-06-18]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-06-18]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-12-09] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-12-09] (AVG Technologies CZ, s.r.o.)
S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-12-09] (AVG Technologies CZ, s.r.o.)
S4 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4378024 2015-11-23] (AVG Technologies CZ, s.r.o.)
S2 vToolbarUpdater40.2.3; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.3\ToolbarUpdater.exe [1923984 2015-12-10] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-10] ()
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-12] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3293272 2010-12-23] (Windows ® Win 7 DDK provider)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-11-23] (TuneUp Software)
S3 BcmSqlStartupSvc; no ImagePath
S2 CLKMSVC10_3A60B698; no ImagePath
S2 CLKMSVC10_C3B3B687; no ImagePath
S2 DriverService; no ImagePath
S2 IAStorDataMgrSvc; no ImagePath
S2 iATAgentService; no ImagePath
S2 idealife Update Service; no ImagePath
S3 IGRS; no ImagePath
S2 IviRegMgr; no ImagePath
S2 nvUpdatusService; no ImagePath
S2 Oasis2Service; no ImagePath
S2 PCCarerService; no ImagePath
S2 ReadyComm.DirectRouter; no ImagePath
S2 RichVideo; no ImagePath
S2 RtLedService; no ImagePath
S2 SeaPort; no ImagePath
S2 SoftwareService; no ImagePath
S3 SQLWriter; no ImagePath
S2 Stereo Service; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-19 14:28 - 2015-12-19 14:29 - 00000000 ____D C:\FRST
2015-12-19 04:12 - 2015-12-19 05:16 - 00126475 _____ C:\Windows\System32\avgrep.txt
2015-12-18 13:42 - 2015-12-18 13:42 - 00000000 _____ C:\Windows\Minidump\121815-45021-01.dmp
2015-12-13 23:26 - 2015-12-13 23:26 - 00003352 ____N C:\bootsqm.dat
2015-12-13 23:18 - 2015-12-13 23:18 - 00000000 __SHD C:\found.000
2015-12-13 00:00 - 2015-12-19 04:08 - 00641224 _____ C:\Windows\ntbtlog.txt
2015-12-12 22:56 - 2015-12-12 22:57 - 00192216 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2015-12-12 22:56 - 2015-12-12 22:56 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-12 22:56 - 2015-12-12 22:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-12 22:56 - 2015-12-12 22:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-12 22:56 - 2015-10-05 08:50 - 00109272 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbamchameleon.sys
2015-12-12 22:56 - 2015-10-05 08:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mwac.sys
2015-12-12 22:56 - 2015-10-05 08:50 - 00025816 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2015-12-12 22:54 - 2015-12-12 22:55 - 22908888 _____ (Malwarebytes ) C:\Users\Jeri Warner\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-12 11:56 - 2015-12-18 13:41 - 417599213 _____ C:\Windows\MEMORY.DMP
2015-12-12 11:56 - 2015-12-12 11:56 - 00262144 _____ C:\Windows\Minidump\121215-67860-01.dmp
2015-12-12 08:59 - 2015-12-12 08:59 - 00000000 ____D C:\Users\Jeri Warner\Downloads\Autoruns
2015-12-12 08:35 - 2015-12-12 08:35 - 00002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2015-12-08 22:56 - 2015-12-08 22:56 - 00003694 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2015-12-08 22:09 - 2015-11-20 10:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2015-12-08 22:09 - 2015-11-20 10:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2015-12-08 22:09 - 2015-11-20 10:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2015-12-08 22:09 - 2015-11-20 10:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2015-12-08 22:09 - 2015-11-20 10:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2015-12-08 22:09 - 2015-11-20 10:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2015-12-08 22:09 - 2015-11-20 10:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2015-12-08 22:09 - 2015-11-20 10:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2015-12-08 22:09 - 2015-11-20 10:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2015-12-08 22:09 - 2015-11-20 10:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2015-12-08 22:09 - 2015-11-20 10:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2015-12-08 22:09 - 2015-11-20 10:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-08 22:09 - 2015-11-20 10:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-08 22:09 - 2015-11-20 10:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-08 22:09 - 2015-11-20 10:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-08 22:09 - 2015-11-20 10:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-08 22:09 - 2015-11-10 10:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2015-12-08 22:09 - 2015-11-10 10:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2015-12-08 22:09 - 2015-11-10 10:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\System32\user32.dll
2015-12-08 22:09 - 2015-11-10 10:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-08 22:09 - 2015-11-10 10:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-08 22:09 - 2015-11-10 09:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-12-08 22:09 - 2015-11-05 11:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\wshrm.dll
2015-12-08 22:09 - 2015-11-05 11:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-08 22:09 - 2015-11-05 11:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2015-12-08 22:09 - 2015-11-05 11:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-08 22:09 - 2015-11-05 01:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2015-12-08 22:09 - 2015-11-03 11:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\System32\usp10.dll
2015-12-08 22:09 - 2015-11-03 10:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-08 22:09 - 2015-10-08 15:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\nlsbres.dll
2015-12-08 22:09 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-08 22:09 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\kbdgeoqw.dll
2015-12-08 22:09 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDAZEL.DLL
2015-12-08 22:09 - 2015-10-08 15:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\KBDAZE.DLL
2015-12-08 22:09 - 2015-10-08 15:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-08 22:09 - 2015-10-08 15:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-08 22:09 - 2015-10-08 15:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-08 22:09 - 2015-10-08 11:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-08 22:09 - 2015-10-08 10:52 - 00419928 _____ C:\Windows\System32\locale.nls
2015-12-08 22:08 - 2015-11-11 13:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-12-08 22:08 - 2015-11-11 12:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-08 22:08 - 2015-11-11 10:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\System32\comsvcs.dll
2015-12-08 22:08 - 2015-11-11 10:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\System32\catsrvut.dll
2015-12-08 22:08 - 2015-11-11 10:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-08 22:08 - 2015-11-11 10:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-08 22:08 - 2015-11-11 08:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-12-08 22:08 - 2015-11-11 08:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-08 22:08 - 2015-11-11 07:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-08 22:08 - 2015-11-11 07:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-08 22:08 - 2015-11-11 07:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-08 22:08 - 2015-11-11 07:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-12-08 22:08 - 2015-11-11 06:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-08 22:08 - 2015-11-09 16:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-08 22:08 - 2015-11-09 16:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-08 22:08 - 2015-11-09 16:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-08 22:08 - 2015-11-09 16:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-08 22:08 - 2015-11-09 16:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-08 22:08 - 2015-11-09 16:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-08 22:08 - 2015-11-09 16:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-08 22:08 - 2015-11-09 16:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-08 22:08 - 2015-11-09 16:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-08 22:08 - 2015-11-09 16:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-08 22:08 - 2015-11-09 16:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-08 22:08 - 2015-11-09 16:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-08 22:08 - 2015-11-09 16:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-08 22:08 - 2015-11-09 15:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-08 22:08 - 2015-11-09 15:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-08 22:08 - 2015-11-09 15:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-08 22:08 - 2015-11-09 15:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-08 22:08 - 2015-11-09 15:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-08 22:08 - 2015-11-09 15:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-08 22:08 - 2015-11-09 15:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-08 22:08 - 2015-11-09 15:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-08 22:08 - 2015-11-09 15:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-08 22:08 - 2015-11-09 15:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-08 22:08 - 2015-11-09 15:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-08 22:08 - 2015-11-08 14:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-12-08 22:08 - 2015-11-08 14:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-12-08 22:08 - 2015-11-08 14:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-12-08 22:08 - 2015-11-08 14:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-12-08 22:08 - 2015-11-08 14:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-12-08 22:08 - 2015-11-08 14:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2015-12-08 22:08 - 2015-11-08 14:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-12-08 22:08 - 2015-11-08 14:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-12-08 22:08 - 2015-11-08 14:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-12-08 22:08 - 2015-11-08 14:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-12-08 22:08 - 2015-11-08 14:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-12-08 22:08 - 2015-11-08 14:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-12-08 22:08 - 2015-11-08 14:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-12-08 22:08 - 2015-11-08 14:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-12-08 22:08 - 2015-11-08 14:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-12-08 22:08 - 2015-11-08 14:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-12-08 22:08 - 2015-11-08 13:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2015-12-08 22:08 - 2015-11-08 13:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-12-08 22:08 - 2015-11-08 13:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-12-08 22:08 - 2015-11-08 13:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-12-08 22:08 - 2015-11-08 13:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-12-08 22:08 - 2015-11-08 13:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2015-12-08 22:08 - 2015-11-08 13:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2015-12-08 22:08 - 2015-11-08 13:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-12-08 22:08 - 2015-11-08 13:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-12-08 22:08 - 2015-11-08 13:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-12-08 22:08 - 2015-11-08 13:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-12-08 22:08 - 2015-11-08 13:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-12-08 22:08 - 2015-11-08 12:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-12-08 22:08 - 2015-11-08 12:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-12-08 22:08 - 2015-11-08 12:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-12-08 22:05 - 2015-11-03 11:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\System32\els.dll
2015-12-08 22:05 - 2015-11-03 10:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-08 21:50 - 2015-11-23 15:41 - 00046504 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\TURegOpt.exe
2015-12-08 21:50 - 2015-11-23 15:37 - 00037288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\System32\authuitu.dll
2015-12-08 21:50 - 2015-11-23 15:37 - 00032680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2015-12-08 21:44 - 2015-12-08 21:45 - 00000000 ____D C:\Users\Jeri Warner\AppData\Local\AVG Web TuneUp
2015-12-08 21:44 - 2015-12-08 21:44 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2015-12-08 21:44 - 2015-12-08 21:44 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2015-12-08 21:44 - 2015-12-08 21:44 - 00000000 ____D C:\ProgramData\AVG Secure Search
2015-12-08 21:44 - 2015-12-08 21:44 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2015-12-08 21:44 - 2015-12-08 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-08 21:43 - 2015-12-10 20:56 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-12-08 21:38 - 2015-12-08 21:49 - 00000000 ____D C:\Users\Jeri Warner\AppData\Roaming\AVG
2015-12-08 21:36 - 2015-12-08 21:36 - 00000000 ___HD C:\$AVG
2015-12-08 21:33 - 2015-12-08 21:33 - 00000938 _____ C:\Users\Public\Desktop\AVG.lnk
2015-12-08 21:31 - 2015-12-08 21:49 - 00000000 ____D C:\ProgramData\Avg
2015-12-08 21:29 - 2015-12-08 21:49 - 00000000 ____D C:\Users\Jeri Warner\AppData\Local\AvgSetupLog
2015-12-03 20:57 - 2015-12-03 20:57 - 00979002 _____ C:\Users\Jeri Warner\Downloads\Order11524344.pdf
2015-12-01 20:30 - 2015-12-12 11:56 - 00000000 ____D C:\Windows\Minidump
2015-12-01 20:12 - 2015-12-01 20:12 - 00276096 _____ C:\Users\Jeri Warner\Downloads\Estatement_Nov_2015_xxxxx7671 (1).pdf
2015-12-01 20:07 - 2015-12-01 20:07 - 00000165 ____H C:\Users\Jeri Warner\Documents\~$Budget.xlsx
2015-11-21 16:09 - 2015-11-21 16:09 - 00000000 ____D C:\d66b6423c0f7cd468496f353a94e86
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-19 13:01 - 2011-06-18 12:17 - 00122465 _____ C:\Windows\System32\fastboot.set
2015-12-19 13:01 - 2011-06-18 12:13 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-19 13:00 - 2013-10-22 20:02 - 00065536 _____ C:\Windows\System32\Ikeext.etl
2015-12-19 13:00 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-18 14:22 - 2011-11-06 12:23 - 00000000 ____D C:\Users\Jeri Warner\AppData\Local\ElevatedDiagnostics
2015-12-18 14:21 - 2009-07-13 21:13 - 00166588 _____ C:\Windows\System32\PerfStringBackup.INI
2015-12-18 14:21 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2015-12-18 13:41 - 2009-07-13 19:20 - 00000000 ____D C:\Windows
2015-12-13 23:49 - 2013-02-24 15:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-13 23:27 - 2012-03-03 10:47 - 00000000 ____D C:\ProgramData\MFAData
2015-12-13 22:58 - 2009-07-13 20:45 - 00028928 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-13 22:58 - 2009-07-13 20:45 - 00028928 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-12 23:30 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\tracing
2015-12-12 23:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\L2Schemas
2015-12-12 14:27 - 2011-06-18 12:13 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-12 14:23 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-12-12 09:03 - 2015-02-07 09:06 - 00004604 _____ C:\Windows\System32\Tasks\Validate Installation
2015-12-12 09:03 - 2015-02-07 09:06 - 00004398 _____ C:\Windows\System32\Tasks\Check Updates
2015-12-12 08:12 - 2014-11-19 20:09 - 00000000 ____D C:\Users\Jeri Warner\AppData\Local\Avg
2015-12-10 20:57 - 2011-06-18 12:13 - 00003904 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-10 20:57 - 2011-06-18 12:13 - 00003652 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-10 20:53 - 2009-07-13 20:45 - 00420664 _____ C:\Windows\System32\FNTCACHE.DAT
2015-12-08 23:49 - 2011-08-30 21:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-08 23:47 - 2013-03-13 19:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-08 23:47 - 2013-03-13 19:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-08 23:37 - 2013-08-16 17:00 - 00000000 ____D C:\Windows\System32\MRT
2015-12-08 23:36 - 2011-09-17 08:12 - 140158008 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-12-08 23:29 - 2013-02-24 15:40 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-08 23:29 - 2013-02-24 15:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-08 23:29 - 2013-02-24 15:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-08 22:55 - 2014-06-29 16:47 - 00000000 ____D C:\Users\Jeri Warner\AppData\Roaming\Skype
2015-12-08 22:55 - 2011-09-14 17:36 - 00000000 ____D C:\Users\Jeri Warner\Documents\Youcam
2015-12-08 22:55 - 2011-08-30 21:34 - 00000000 ____D C:\Users\Jeri Warner\AppData\Local\Microsoft Help
2015-12-08 22:55 - 2011-06-18 12:05 - 00000000 ____D C:\ProgramData\Temp
2015-12-08 22:55 - 2011-06-18 12:04 - 00000000 __HDC C:\ProgramData\{373A11D3-0B96-4E16-9184-7D0FBE86932F}
2015-12-08 22:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep
2015-12-08 21:50 - 2011-08-30 19:31 - 00000000 ____D C:\Users\Jeri Warner\AppData\Local\VirtualStore
2015-12-08 21:49 - 2012-03-03 11:04 - 00000000 ____D C:\Program Files (x86)\AVG
2015-12-08 21:38 - 2015-06-30 19:08 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-07 23:23 - 2015-03-15 14:12 - 00000000 ____D C:\ProgramData\Comodo
2015-12-07 23:22 - 2011-06-18 12:13 - 00000000 ____D C:\Program Files\Google
2015-12-07 23:22 - 2011-06-18 12:12 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-07 22:15 - 2011-08-30 19:02 - 00000000 ____D C:\Users\Jeri Warner\AppData\Local\Google
2015-12-07 22:15 - 2011-06-18 12:13 - 00000000 ____D C:\ProgramData\Google
==================== Known DLLs (Whitelisted) =========================
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2015-12-08 22:09] - [2015-11-10 10:55] - 1008640 ____A (Microsoft Corporation) 06BF84D26A05D400F6B3FB3D3DE0B03A
C:\Windows\SysWOW64\User32.dll
[2015-12-08 22:09] - [2015-11-10 10:37] - 0833024 ____A (Microsoft Corporation) 0A78439765E31510D75C9E2284F3A722
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE Association (Whitelisted) =============
==================== Restore Points =========================
Restore point date: 2015-12-19 04:38
==================== Memory info ===========================
Percentage of memory in use: 10%
Total physical RAM: 8106.17 MB
Available physical RAM: 7282.91 MB
Total Virtual: 8104.37 MB
Available Virtual: 7274.39 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:343.61 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.2 GB) NTFS
Drive g: (MALLORIE) (Removable) (Total:3.73 GB) (Free:3.04 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 39D06D3A)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
Partition: GPT.
LastRegBack: 2015-12-12 14:16
==================== End of FRST.txt ============================