Here is the FRST txt log file
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2014
Ran by Daves-New Daw (administrator) on 1100TDAW on 25-10-2014 12:53:17
Running from C:\Users\Daves-New Daw\Desktop
Loaded Profile: Daves-New Daw (Available profiles: Daves-New Daw)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Two Pilots) C:\Windows\VPDAgent_x64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Ultra\AudioDevMon.exe
(The Neat Company) C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 6\PDFProFiltSrv.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Ultra\DriverInterface.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR ReadySHARE\Cloud\bin\lnhttpservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Charles Schwab & Co., Inc.) C:\Program Files (x86)\Schwab\StreetSmart Edge\QuickLaunch.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LBTWiz.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1873919245-3307368689-1297195964-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-10-26] (Google Inc.)
HKU\S-1-5-21-1873919245-3307368689-1297195964-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Daves-New Daw\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1873919245-3307368689-1297195964-1000\...\Run: [QuickLaunch] => C:\Program Files (x86)\Schwab\StreetSmart Edge\QuickLaunch.exe [12288 2014-06-17] (Charles Schwab & Co., Inc.)
HKU\S-1-5-21-1873919245-3307368689-1297195964-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-1873919245-3307368689-1297195964-1000\...\MountPoints2: {21bf185a-fb80-11e2-8dba-96211f5766d9} - D:\LaunchU3.exe
HKU\S-1-5-21-1873919245-3307368689-1297195964-1000\...\MountPoints2: {c9c12782-2a2c-11e1-80af-00241d7e5747} - I:\LaunchU3.exe
HKU\S-1-5-21-1873919245-3307368689-1297195964-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Smart Wizard.lnk
ShortcutTarget: NETGEAR WNDA3100v2 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = austin360.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9F2AC4292845CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM-x32 - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm003^YYA^us&si=CMHMv5GOpL0CFY3m7Aod2wEAZQ&ptb=44B778A8-5D40-4BAA-8CEF-CF73F473B632&ind=2014032113&n=780bb0f1&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {2CC375C9-D50D-41EA-ADF0-56A0C22277A0} URL = www.mysearchresults.com/search?&c=2652&t=03&q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = isearch.avg.com/search?cid={FA2C9488-73EB-4F9D-A855-7A3CF95D884C}&mid=8167b6ad40931f7eca1ef1439ac2f60a-c130e9df9cc98578f261258c50442430c6159530&lang=en&ds=AVG&pr=fr&d=2012-10-04 17:44:41&v=15.5.0.2&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm003^YYA^us&si=CMHMv5GOpL0CFY3m7Aod2wEAZQ&ptb=44B778A8-5D40-4BAA-8CEF-CF73F473B632&ind=2014032113&n=780bb0f1&psa=&st=sb&searchfor={searchTerms}
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 6\bin\nppdf.dll (Zeon Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-11-06]
Chrome:
=======
CHR Profile: C:\Users\Daves-New Daw\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daves-New Daw\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-23]
CHR Extension: (Google Wallet) - C:\Users\Daves-New Daw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Agent; C:\Windows\VPDAgent_x64.exe [148480 2012-12-04] (Two Pilots) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-01] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [1025352 2011-09-01] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 FastTrackUltraAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Ultra\AudioDevMon.exe [1700624 2013-06-18] (M-Audio)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [6144 2014-08-06] (The Neat Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [File not signed]
R2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 6\PDFProFiltSrv.exe [134944 2009-11-02] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [File not signed]
R2 ReadyNAS Remote Http Service; C:\Program Files (x86)\NETGEAR ReadySHARE\Cloud\bin\lnhttpservice.exe [100160 2011-07-18] (NETGEAR)
R2 WSWNDA3100; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [272864 2010-08-19] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-13] (Microsoft Corporation)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R3 Fwleaf; C:\Windows\System32\DRIVERS\fwleaf.sys [27200 2011-04-07] (NETGEAR)
R3 leafnets; C:\Windows\System32\DRIVERS\leafnets.sys [29696 2011-05-26] (Leaf Networks)
R3 MAUSBFASTTRACKULTRA; C:\Windows\System32\DRIVERS\MAudioFastTrackUltra.sys [180496 2013-06-18] (M-Audio)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
S3 MRV6X64U; C:\Windows\System32\DRIVERS\WN111x.sys [340480 2007-10-28] (Marvell Semiconductor, Inc)
S3 Mrvleap; C:\Windows\SysWOW64\DRIVERS\mrv64drv.sys [18944 2007-09-11] (Windows (R) Codename Longhorn DDK provider)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
S3 pae_1394; C:\Windows\System32\Drivers\pae_1394_x64.sys [196992 2010-02-03] (Archwave AG)
S3 pae_avs; C:\Windows\System32\Drivers\pae_avs_x64.sys [72576 2010-02-03] (Archwave AG)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-06-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-06-18] ()
S3 RDID1027; C:\Windows\System32\Drivers\rdwm1027.sys [81920 2009-09-18] (Roland Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
S3 Saffire; C:\Windows\System32\Drivers\Saffire.sys [222064 2012-03-30] (Focusrite A.E.)
S3 SaffireAudio; C:\Windows\System32\drivers\SaffireAudio.sys [40176 2012-03-30] (Focusrite A.E.)
S3 SaffireMidi; C:\Windows\System32\drivers\SaffireMidi.sys [50800 2012-03-30] (Focusrite A.E.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 sessusb_svc; C:\Windows\System32\Drivers\sessusb.sys [97360 2011-04-11] (Native Instruments GmbH)
S3 sessusb_x64; C:\Windows\System32\Drivers\sessusb_x64.sys [233488 2008-12-09] (Native Instruments GmbH)
R3 vl810filter; C:\Windows\System32\DRIVERS\vl810filter.sys [17008 2011-02-16] (VIA Labs, Inc.)
S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
S3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
S3 AODDriver2; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 WPRO_41_1742; system32\drivers\WPRO_41_1742.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-25 12:53 - 2014-10-25 12:53 - 00022731 _____ () C:\Users\Daves-New Daw\Desktop\FRST.txt
2014-10-25 12:52 - 2014-10-25 12:53 - 00000000 ____D () C:\FRST
2014-10-25 12:36 - 2014-10-25 12:36 - 02112512 _____ (Farbar) C:\Users\Daves-New Daw\Downloads\FRST64.exe
2014-10-25 12:36 - 2014-10-25 12:36 - 02112512 _____ (Farbar) C:\Users\Daves-New Daw\Desktop\FRST64.exe
2014-10-25 12:19 - 2014-10-25 12:19 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{FCA7F757-A48E-4017-BA2C-45C41C4D8E62}
2014-10-25 07:28 - 2014-10-25 12:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-25 07:28 - 2014-10-25 07:28 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-25 07:28 - 2014-10-25 07:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-25 07:28 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-25 07:28 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-25 07:28 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-25 07:27 - 2014-10-25 07:27 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Daves-New Daw\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-25 05:18 - 2014-10-25 05:18 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{289960C8-8ED6-451C-8927-E560BC589380}
2014-10-25 02:17 - 2014-10-25 02:18 - 00000000 ____D () C:\Users\Daves-New Daw\Downloads\TxTag
2014-10-24 15:32 - 2014-10-02 15:53 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-24 07:39 - 2014-10-24 07:39 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{2412F8B0-ABA8-4F84-89C9-09818F1D32F7}
2014-10-23 06:19 - 2014-10-23 06:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-23 06:19 - 2014-10-23 06:19 - 00002304 _____ () C:\Users\Daves-New Daw\Desktop\Google Chrome.lnk
2014-10-23 06:19 - 2014-10-23 06:19 - 00002269 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-23 04:47 - 2014-10-23 04:48 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{459E2CB5-88D0-470B-9869-A31355F82963}
2014-10-22 16:20 - 2014-10-22 16:20 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-10-22 05:49 - 2014-10-22 05:49 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{3F92E3F2-603C-4233-9236-EFADB389EDFC}
2014-10-21 07:27 - 2014-10-21 07:27 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{3B5497F4-1B8F-4C27-AA09-39E650BEAD95}
2014-10-21 01:18 - 2014-10-21 01:18 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{B9CB51A0-F6B6-4719-A405-BBA9A33DC69D}
2014-10-20 06:29 - 2014-10-20 06:29 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{9D4B9934-7F2A-4FF0-9F1F-F1F4ED831B3F}
2014-10-19 06:19 - 2014-10-19 06:19 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{52319564-4A38-4CE6-A869-BACD9DC5E11B}
2014-10-18 18:41 - 2014-10-18 18:41 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{BCC16B11-EAD2-4B6B-A348-382FF324D7AF}
2014-10-18 05:51 - 2014-10-18 05:51 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{7DD8D03F-E974-4E9D-A963-399D0FBC1B14}
2014-10-18 04:18 - 2014-10-18 04:18 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{0ADF39A4-842F-461D-9EC0-4040982CA8E7}
2014-10-17 05:46 - 2014-10-17 05:46 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{57FAAC0E-6886-46AE-B5B0-67B133FB73ED}
2014-10-16 12:29 - 2014-10-16 12:30 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{ED99980D-938C-4D44-BB34-8430B61A4F45}
2014-10-15 19:56 - 2014-10-15 19:56 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{6DCC904B-A28E-41C2-9BF5-1C4E92303D46}
2014-10-15 05:08 - 2014-10-15 05:09 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{46489A74-D615-49BC-8A36-156CD2A81EE4}
2014-10-15 02:23 - 2014-10-09 21:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 02:23 - 2014-10-09 21:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 02:23 - 2014-10-09 21:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 02:23 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 02:23 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 02:23 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 02:23 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 02:23 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 02:23 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 02:23 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 02:23 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 02:23 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 02:23 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 02:23 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 02:23 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 02:23 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 02:23 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 02:23 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 02:23 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 02:23 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 02:23 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 02:23 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 02:23 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 02:23 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 02:23 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 02:23 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 02:23 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 02:23 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 02:23 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 02:23 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 02:23 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 02:23 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 02:23 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 02:23 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 02:23 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 02:23 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 02:23 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 02:23 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 02:23 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 02:23 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 02:23 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 02:23 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 02:23 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 02:23 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 02:23 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 02:23 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 02:23 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 02:23 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 02:23 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 02:23 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 02:23 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 02:23 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 02:23 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 02:23 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 02:23 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 02:23 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 02:23 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 02:23 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 02:23 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 02:23 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 02:23 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 02:23 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 02:23 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 02:23 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 02:23 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 02:23 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 02:23 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 02:23 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 02:23 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 02:23 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 02:23 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 02:22 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 02:22 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 02:22 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 02:22 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 02:22 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 02:22 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 02:22 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 02:22 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 02:22 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 02:22 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 02:22 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 02:22 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 02:22 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 02:22 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 02:22 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 16:08 - 2014-10-14 16:08 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{95F94F87-D5A1-4EC0-BED0-0691969F726D}
2014-10-14 03:50 - 2014-10-14 03:50 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{93BB0B27-BD60-4A1E-A945-32DC01729B34}
2014-10-13 11:43 - 2014-10-13 11:43 - 111062776 _____ () C:\Users\Daves-New Daw\Downloads\Neat_v5.5.2.7_UPDATE.sfx.exe
2014-10-13 08:30 - 2014-10-13 08:30 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{B206F3B8-ABA9-4149-AACF-79812D680E49}
2014-10-12 17:42 - 2014-10-12 17:42 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{8CD02573-3292-4C9C-AF0F-AF244D0779CB}
2014-10-12 05:41 - 2014-10-12 05:42 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{098DF009-603A-41D1-A316-8642D623C84B}
2014-10-11 23:14 - 2014-10-11 23:14 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{07563610-D158-429D-87C7-A0B8368FEF16}
2014-10-11 05:51 - 2014-10-11 05:51 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{B2CD5EFB-4D10-484F-8A39-3FD10EA4FFB1}
2014-10-10 09:48 - 2014-10-10 09:49 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{9EE6AE4D-8CD9-4C3A-97E6-95177D225A8A}
2014-10-09 17:04 - 2014-10-09 17:04 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{2DFD7BD5-8E59-46F6-97E3-3052B365AFA4}
2014-10-09 03:53 - 2014-10-09 03:53 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{A39EBB5E-37D3-44D8-866D-7CC892466771}
2014-10-08 14:39 - 2014-10-08 14:40 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{E5146A4B-936D-4D97-8D85-7CB779DF7E5F}
2014-10-07 13:10 - 2014-10-07 13:10 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{09B25C21-7309-4B9A-9992-4FDE34A23048}
2014-10-06 17:24 - 2014-10-06 17:25 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{39307A53-4B85-4098-9FBA-D798EBF9E0EC}
2014-10-06 05:24 - 2014-10-06 05:24 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{8364D5B0-454B-4736-B608-7BD644A84AF5}
2014-10-05 08:22 - 2014-10-05 08:23 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{FA398A7A-BDC4-4C87-A011-27D01D804F9D}
2014-10-05 08:08 - 2014-10-05 08:08 - 00323672 _____ (Dropbox, Inc.) C:\Users\Daves-New Daw\Downloads\DropboxInstaller (1).exe
2014-10-05 07:40 - 2014-10-23 04:47 - 00000000 ___RD () C:\Users\Daves-New Daw\Dropbox
2014-10-04 21:02 - 2014-10-24 19:06 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Roaming\Dropbox
2014-10-04 21:02 - 2014-10-04 21:02 - 00323672 _____ (Dropbox, Inc.) C:\Users\Daves-New Daw\Downloads\DropboxInstaller.exe
2014-10-04 18:21 - 2014-10-04 18:21 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{2E995A0D-4503-4AA8-AC64-983A1F603303}
2014-10-04 06:18 - 2014-10-04 06:18 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{B040500D-3A32-479D-89A2-AB31F6048D2A}
2014-10-03 16:17 - 2014-10-03 16:17 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{B72A02C4-682F-43D2-B74E-DD51F4F99F68}
2014-10-03 04:16 - 2014-10-03 04:17 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{18FE54AD-B8A6-42E7-8514-02AD8C236CF8}
2014-10-02 06:56 - 2014-10-02 06:56 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{C907CF60-586E-4901-8566-2FA15C7A19F8}
2014-10-01 15:59 - 2014-10-01 15:59 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{DB5E0157-C6E4-4822-8B81-F4BAB859CDAF}
2014-10-01 05:02 - 2014-09-24 21:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 05:02 - 2014-09-24 20:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-01 03:52 - 2014-10-01 03:52 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{9BDD3ECB-047A-4DAB-9622-E67B4879CA43}
2014-09-30 08:41 - 2014-09-30 08:41 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{9F9F589D-9856-4E58-9F03-AC112B29B961}
2014-09-30 08:01 - 2014-09-30 08:01 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{056B3074-72A2-4A13-AEFB-737F064166C8}
2014-09-30 06:30 - 2014-09-30 06:30 - 00042618 _____ () C:\Users\Daves-New Daw\Downloads\JS3+AD2-5Tom.zip
2014-09-30 06:30 - 2014-09-30 06:30 - 00034811 _____ () C:\Users\Daves-New Daw\Downloads\JS3+AD2 (1).zip
2014-09-30 06:05 - 2014-09-30 06:05 - 00034811 _____ () C:\Users\Daves-New Daw\Downloads\JS3+AD2.zip
2014-09-29 17:27 - 2014-09-29 17:28 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{5B886131-B630-491C-972E-73A8090F30D0}
2014-09-29 05:27 - 2014-09-29 05:27 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{07F18063-D728-4CED-A7BB-D2ABEE5D1817}
2014-09-28 12:49 - 2014-09-28 12:49 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{5C2C215D-4102-40DB-A642-1FAC3FEB6F68}
2014-09-27 21:10 - 2014-09-27 21:10 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{C41DEED1-8623-498C-A58E-BF0023A33C98}
2014-09-27 09:10 - 2014-09-27 09:10 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{E1DEF846-3635-4093-823D-1E8D30F7EDA3}
2014-09-26 20:13 - 2014-09-26 20:13 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{E76FEAB0-54A7-4D6A-BAFD-A0A534BE882A}
2014-09-26 05:44 - 2014-09-26 05:44 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{5FACD5E7-BCCE-47F1-80AB-BACFC51516F6}
2014-09-25 07:16 - 2014-09-25 07:16 - 00000000 ____D () C:\Users\Daves-New Daw\AppData\Local\{690415A6-701E-4F27-81F3-0C63DDD74834}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-25 12:21 - 2012-08-16 10:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-25 12:11 - 2012-07-05 06:31 - 01303981 _____ () C:\Windows\WindowsUpdate.log
2014-10-25 11:57 - 2010-04-10 07:12 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-25 08:31 - 2011-02-02 11:11 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-25 07:28 - 2011-05-23 04:41 - 00000000 ____D () C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2014-10-25 07:14 - 2009-07-14 00:13 - 00006222 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-25 07:14 - 2009-07-13 23:45 - 00025232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-25 07:14 - 2009-07-13 23:45 - 00025232 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-25 07:07 - 2013-05-31 15:09 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-10-25 07:07 - 2010-04-10 07:12 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-25 07:07 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-25 07:07 - 2009-07-13 23:51 - 00032931 _____ () C:\Windows\setupact.log
2014-10-25 06:59 - 2009-10-26 17:47 - 00000000 ____D () C:\Users\Daves-New Daw
2014-10-25 06:57 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-10-25 04:04 - 2014-03-29 09:38 - 00000000 ____D () C:\Users\Daves-New Daw\Downloads\LG Venice sd card contacts and photos
2014-10-25 04:04 - 2013-12-11 06:42 - 00000000 ____D () C:\Users\Daves-New Daw\Downloads\Misc Cakewalk sonar stuff
2014-10-25 03:53 - 2012-07-09 10:39 - 00604672 _____ () C:\Users\Daves-New Daw\Desktop\Documents\1a Copy of Daves' Time sheet.xls
2014-10-24 23:20 - 2012-10-04 08:52 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FE20E8D5-1A28-49E5-B4A0-C56B6E2E2C6A}
2014-10-24 19:06 - 2012-08-16 10:00 - 00000000 ____D () C:\Program Files (x86)\FreeRIP3
2014-10-24 13:37 - 2009-10-26 21:34 - 00366876 _____ () C:\Windows\PFRO.log
2014-10-23 14:52 - 2010-04-10 07:12 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-23 14:52 - 2010-04-10 07:12 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-23 05:04 - 2009-10-26 18:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-23 04:32 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-23 04:13 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-23 04:10 - 2013-12-10 16:15 - 00000000 ____D () C:\Program Files (x86)\ControlCenter4
2014-10-23 04:05 - 2014-05-09 09:11 - 00000000 ____D () C:\ProgramData\AVG2014
2014-10-18 07:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-10-18 04:47 - 2009-07-13 23:45 - 00299744 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 04:45 - 2014-04-28 06:44 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-18 04:21 - 2013-07-13 09:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 04:18 - 2009-10-26 19:10 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-13 11:47 - 2013-01-07 07:39 - 00000000 ____D () C:\Users\Daves-New Daw\Desktop\Documents\Neat Database Backup
2014-10-13 11:31 - 2013-07-30 05:12 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-26 05:43 - 2012-07-09 10:37 - 00000000 ____D () C:\Users\Daves-New Daw\Desktop\Documents\My Projects
Files to move or delete:
====================
C:\Users\Daves-New Daw\AppData\Roaming\skype.ini
Some content of TEMP:
====================
C:\Users\Daves-New Daw\AppData\Local\Temp\13-12_win7_win8_64_dd_ccc_whql.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\14-4-mobility-win7-win8-win8.1-64-dd-ccc-whql.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\avguidx.dll
C:\Users\Daves-New Daw\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwlbxzp.dll
C:\Users\Daves-New Daw\AppData\Local\Temp\GLF3C4A.tmp.EXE
C:\Users\Daves-New Daw\AppData\Local\Temp\GLF3D3.tmp.EXE
C:\Users\Daves-New Daw\AppData\Local\Temp\GLF5AFF.tmp.EXE
C:\Users\Daves-New Daw\AppData\Local\Temp\GLF7304.tmp.EXE
C:\Users\Daves-New Daw\AppData\Local\Temp\GLF83B9.tmp.EXE
C:\Users\Daves-New Daw\AppData\Local\Temp\GLF96B.tmp.EXE
C:\Users\Daves-New Daw\AppData\Local\Temp\GLF9B12.tmp.EXE
C:\Users\Daves-New Daw\AppData\Local\Temp\GLFCFFD.tmp.EXE
C:\Users\Daves-New Daw\AppData\Local\Temp\GLFD7A1.tmp.EXE
C:\Users\Daves-New Daw\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\NeatExecAsUser64.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\oi_{B8416ACC-92D6-4EB9-819E-96002C160752}.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\processcheck.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\Quarantine.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\raptrpatch.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\raptr_stub.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\SetACL.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\sqlite3.dll
C:\Users\Daves-New Daw\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\VistaTools64.dll
C:\Users\Daves-New Daw\AppData\Local\Temp\_is804.exe
C:\Users\Daves-New Daw\AppData\Local\Temp\_isB0C5.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-16 00:58
==================== End Of Log ============================
And here is the link to the additional txt log file
Addition.txt