1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

PastaLeads Malware?

Discussion in 'Malware Removal Help' started by 66vdub, Aug 13, 2014.

  1. 66vdub

    66vdub Registered Members

    Joined:
    Aug 13, 2014
    Messages:
    10
    Location:
    NC
    Operating System:
    Windows Vista Home Premium
    Computer Brand or Motherboard:
    ASUS M3A78-EM AM2+/AM2 AMD 780G HDMI Micro ATX AMD
    CPU:
    AMD Athlon 64 X2 5050e Brisbane Dual-Core 2.6GHz Socket AM2 45W Processor
    Memory:
    OCZ Reaper HPC Edition 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel Kit Desktop
    Hard Drive:
    PNY Optima Series 240GB SSD
    Graphics Card:
    integrated
    Power Supply:
    ModXStream Pro 500W 80Plus Semi-Modular High Performance
    I was searching for a solution to get rid of the popup ads from Pastaleaks, and came across this post and read through it...
    I am sure it came from a program I downloaded and didn't read what was all being installed.

    I have ran the programs listed in the Preperation for Malware removal help thread.
    Was hoping to have them reviewed to see if anything else needed to be done.
     
  2. 66vdub

    66vdub Registered Members

    Joined:
    Aug 13, 2014
    Messages:
    10
    Location:
    NC
    Operating System:
    Windows Vista Home Premium
    Computer Brand or Motherboard:
    ASUS M3A78-EM AM2+/AM2 AMD 780G HDMI Micro ATX AMD
    CPU:
    AMD Athlon 64 X2 5050e Brisbane Dual-Core 2.6GHz Socket AM2 45W Processor
    Memory:
    OCZ Reaper HPC Edition 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel Kit Desktop
    Hard Drive:
    PNY Optima Series 240GB SSD
    Graphics Card:
    integrated
    Power Supply:
    ModXStream Pro 500W 80Plus Semi-Modular High Performance
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 8/12/2014
    Scan Time: 10:50:08 PM
    Logfile:
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.08.12.12
    Rootkit Database: v2014.08.04.01
    License: Premium
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows Vista Service Pack 2
    CPU: x86
    File System: NTFS
    User: RW-01

    Scan Type: Custom Scan
    Result: Completed
    Objects Scanned: 372184
    Time Elapsed: 1 hr, 3 min, 31 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 4
    PUP.Optional.BetterDeals.A, C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage, Delete-on-Reboot, [7622ac167a01cf6711db4e9c29d9eb15],
    PUP.Optional.BetterDeals.A, C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal, Delete-on-Reboot, [7c1c61611e5d78befeeecf1b8e742cd4],
    PUP.Optional.Superfish.A, C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [2c6c378b9cdf3ff733f3f1ffe220926e],
    PUP.Optional.Superfish.A, C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [acecbb07eb90c07670b6a54beb1742be],

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  3. 66vdub

    66vdub Registered Members

    Joined:
    Aug 13, 2014
    Messages:
    10
    Location:
    NC
    Operating System:
    Windows Vista Home Premium
    Computer Brand or Motherboard:
    ASUS M3A78-EM AM2+/AM2 AMD 780G HDMI Micro ATX AMD
    CPU:
    AMD Athlon 64 X2 5050e Brisbane Dual-Core 2.6GHz Socket AM2 45W Processor
    Memory:
    OCZ Reaper HPC Edition 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel Kit Desktop
    Hard Drive:
    PNY Optima Series 240GB SSD
    Graphics Card:
    integrated
    Power Supply:
    ModXStream Pro 500W 80Plus Semi-Modular High Performance
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:13-08-2014
    Ran by RW-01 (administrator) on RW-01-PC on 13-08-2014 01:23:40
    Running from C:\Users\RW-01\Desktop
    Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
    Internet Explorer Version 7
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (Microsoft Corporation) C:\Windows\System32\SLsvc.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Coupons.com Inc.) C:\Program Files\Coupons\CouponPrinterService.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Program Files\pastaleads\PastaLeadsService.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (AimerSoft) C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
    ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-0000-BA7E-100000000002}\SC_Acrobat.exe ()
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
    ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
    SearchScopes: HKCU - DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
    SearchScopes: HKCU - {5C5360F5-5F2D-4E4A-84B1-ABD053DB35A9} URL =
    BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    BHO: Aimersoft Video Converter Ultimate -> {54F73992-6549-4369-9A0D-84FD310A464A} -> C:\Program Files\Aimersoft\Video Converter Ultimate\SVRIEPlugin.dll No File
    BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Toolbar: HKCU - No Name - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No File
    Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 24.178.162.3 24.159.64.23 66.189.0.100

    FireFox:
    ========
    FF ProfilePath: C:\Users\RW-01\AppData\Roaming\Mozilla\Firefox\Profiles\pw3qn2he.default
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Extension: DownloadHelper - C:\Users\RW-01\AppData\Roaming\Mozilla\Firefox\Profiles\pw3qn2he.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-07-21]
    FF Extension: Firefox Old Version Update Hotfix - C:\Users\RW-01\AppData\Roaming\Mozilla\Firefox\Profiles\pw3qn2he.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-07-21]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-04-21]
    FF HKLM\...\Firefox\Extensions: [{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}] - C:\Program Files\Aimersoft\Video Converter Ultimate\SVRFirefoxExt

    Chrome:
    =======
    CHR HomePage: hxxp://my.yahoo.com/;_ylt=Av5SA2soZ_Sm8Kp2F1gLFX6vulI6
    CHR StartupUrls: "hxxp://my.yahoo.com/;_ylt=Av5SA2soZ_Sm8Kp2F1gLFX6vulI6"
    CHR Extension: (Google Docs) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-21]
    CHR Extension: (Google Drive) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-21]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
    CHR Extension: (YouTube) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-21]
    CHR Extension: (Adblock Plus) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-11]
    CHR Extension: (Google Search) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-21]
    CHR Extension: (Myibidder Auction Bid Sniper for eBay) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmebanjjkaohcmifehogijfgcoieefnp [2014-04-21]
    CHR Extension: (Google Wallet) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-21]
    CHR Extension: (Classic Blue Theme for Google Chrome™) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\oppbdedflbioggjkeneigjcmpomohajo [2014-08-02]
    CHR Extension: (Gmail) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-21]
    CHR HKLM\...\Chrome\Extension: [mapcejffhcbidcjmomhalabpcbaeimcb] - C:\Program Files\Aimersoft\Video Converter Ultimate\SVRChromePlugin.crx [2014-04-21]
    CHR StartMenuInternet: Google Chrome - chrome.exe

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 CouponPrinterService; C:\Program Files\Coupons\CouponPrinterService.exe [152560 2014-02-13] (Coupons.com Inc.)
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    R2 pastaleadsServiceCore; C:\Program Files\pastaleads\PastaLeadsService.exe [384920 2014-06-23] ()

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [121000 2014-02-15] (SlySoft, Inc.)
    R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2014-04-21] ()
    R3 BCM43XX; C:\Windows\System32\DRIVERS\WMP54GSx86.sys [534016 2007-03-12] (Broadcom Corporation)
    R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
    R3 hcw85cir; C:\Windows\System32\drivers\hcw85cir3.sys [28160 2009-07-14] (Hauppauge Computer Works, Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-13] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
    R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2014-04-21] ()
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-08-13 01:23 - 2014-08-13 01:23 - 00010495 _____ () C:\Users\RW-01\Desktop\FRST.txt
    2014-08-13 01:22 - 2014-08-13 01:23 - 00000000 ____D () C:\FRST
    2014-08-13 01:22 - 2014-08-13 01:22 - 01092096 _____ (Farbar) C:\Users\RW-01\Desktop\FRST.exe
    2014-08-13 00:37 - 2014-06-26 18:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
    2014-08-13 00:37 - 2014-06-26 18:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
    2014-08-13 00:37 - 2014-06-26 18:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
    2014-08-13 00:37 - 2014-06-06 00:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2014-08-13 00:33 - 2014-07-29 22:13 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-08-13 00:33 - 2014-07-29 22:12 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-08-13 00:33 - 2014-07-29 22:12 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 06119936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 03632128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
    2014-08-13 00:33 - 2014-07-29 20:33 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-08-13 00:33 - 2014-07-29 20:25 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-08-13 00:33 - 2014-07-25 00:26 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-13 00:33 - 2014-07-24 22:53 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-13 00:33 - 2014-07-07 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-08-13 00:33 - 2014-06-13 20:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2014-08-13 00:33 - 2014-06-13 20:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2014-08-13 00:33 - 2014-06-06 04:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2014-08-13 00:33 - 2014-06-02 06:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-08-13 00:33 - 2014-06-02 06:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2014-08-13 00:33 - 2014-06-02 06:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2014-08-13 00:33 - 2014-06-02 06:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2014-08-13 00:33 - 2014-06-02 04:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2014-08-13 00:33 - 2014-05-30 02:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2014-08-13 00:33 - 2014-04-26 12:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2014-08-13 00:33 - 2014-04-04 23:23 - 00915392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2014-08-13 00:33 - 2014-04-04 21:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
    2014-08-13 00:33 - 2014-03-25 09:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-08-13 00:33 - 2014-03-09 21:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2014-08-13 00:33 - 2014-03-09 21:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-08-13 00:30 - 2014-08-13 00:30 - 00000000 ____D () C:\Users\RW-01\Desktop\New Folder
    2014-08-13 00:10 - 2014-08-13 00:10 - 00001530 _____ () C:\Windows\pcsetup.log
    2014-08-12 22:47 - 2014-08-12 22:47 - 34176936 _____ (Oracle Corporation) C:\Users\RW-01\Desktop\jre-8u11-windows-x64.exe
    2014-08-12 22:07 - 2014-08-12 22:41 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\FileZilla
    2014-08-12 22:07 - 2014-08-12 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
    2014-08-12 22:07 - 2014-08-12 22:07 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
    2014-08-12 00:58 - 2014-08-12 01:42 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\jEdit
    2014-08-12 00:54 - 2014-08-12 00:54 - 00000826 _____ () C:\Users\RW-01\Desktop\jEdit.lnk
    2014-08-12 00:54 - 2014-08-12 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jEdit
    2014-08-12 00:53 - 2014-08-12 00:54 - 00000000 ____D () C:\Program Files\jEdit
    2014-08-12 00:35 - 2014-08-12 00:35 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\WinRAR
    2014-08-12 00:33 - 2014-08-12 00:33 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2014-08-12 00:33 - 2014-08-12 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2014-08-12 00:33 - 2014-08-12 00:33 - 00000000 ____D () C:\Program Files\WinRAR
    2014-08-09 14:44 - 2014-08-09 14:44 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
    2014-08-09 14:43 - 2014-08-09 14:44 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Notepad++
    2014-08-09 14:43 - 2014-08-09 14:44 - 00000000 ____D () C:\Program Files\Notepad++
    2014-08-05 10:51 - 2014-08-05 11:51 - 00000000 ____D () C:\Users\RW-01\Documents\dvd
    2014-08-05 10:42 - 2014-08-05 12:22 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\DVD Flick
    2014-08-05 10:42 - 2014-08-05 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
    2014-08-05 10:42 - 2014-08-05 10:42 - 00000000 ____D () C:\Program Files\DVD Flick
    2014-08-05 10:31 - 2014-08-05 10:31 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Oracle
    2014-08-05 10:30 - 2014-08-05 10:30 - 00000000 ____D () C:\Program Files\Common Files\Java
    2014-08-02 11:30 - 2014-08-12 00:56 - 00000000 ____D () C:\ProgramData\Oracle
    2014-08-02 11:30 - 2014-08-02 11:30 - 00000000 ____D () C:\ProgramData\Sun
    2014-07-30 14:21 - 2014-07-30 14:21 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XviD
    2014-07-30 14:21 - 2014-07-30 14:21 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
    2014-07-30 14:21 - 2014-07-30 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
    2014-07-30 14:20 - 2014-07-30 14:21 - 00000000 ____D () C:\Program Files\AutoGK
    2014-07-30 14:20 - 2014-07-30 14:20 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub
    2014-07-30 14:20 - 2014-07-30 14:20 - 00000000 ____D () C:\Program Files\Gabest
    2014-07-30 10:37 - 2014-07-30 10:37 - 00000000 ____D () C:\THE_LEGO_MOVIE
    2014-07-30 10:30 - 2014-07-30 10:30 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
    2014-07-30 10:30 - 2014-07-30 10:30 - 00000000 ____D () C:\Program Files\DVD Decrypter
    2014-07-25 16:05 - 2014-07-25 16:05 - 00000114 _____ () C:\Windows\wininit.ini
    2014-07-22 13:12 - 2014-07-22 13:14 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Apple Computer
    2014-07-22 13:12 - 2014-07-22 13:12 - 00001664 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Apple Computer
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\Apple Computer
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\Program Files\iTunes
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\Program Files\iPod
    2014-07-22 13:12 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
    2014-07-22 13:11 - 2014-07-22 13:11 - 00001830 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2014-07-22 13:11 - 2014-07-22 13:11 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Apple
    2014-07-22 13:11 - 2014-07-22 13:11 - 00000000 ____D () C:\Program Files\Apple Software Update
    2014-07-22 13:10 - 2014-07-22 13:12 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2014-07-22 13:10 - 2014-07-22 13:11 - 00000000 ____D () C:\ProgramData\Apple
    2014-07-22 13:10 - 2014-07-22 13:10 - 00000000 ____D () C:\Program Files\Bonjour
    2014-07-21 13:31 - 2014-07-21 13:31 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Macromedia
    2014-07-21 04:26 - 2014-07-21 04:26 - 00000000 ____D () C:\Windows\system32\Macromed
    2014-07-21 02:28 - 2014-07-21 02:28 - 00000000 ____D () C:\Users\RW-01\dwhelper
    2014-07-21 02:17 - 2014-07-21 02:17 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Mozilla
    2014-07-21 02:17 - 2014-07-21 02:17 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Mozilla
    2014-07-21 02:16 - 2014-08-13 01:16 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job
    2014-07-21 02:16 - 2014-07-21 12:48 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\RocketUpdater
    2014-07-21 02:16 - 2014-07-21 02:16 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2014-07-21 02:16 - 2014-07-21 02:16 - 00000834 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-07-21 02:16 - 2014-07-21 02:16 - 00000000 ____D () C:\ProgramData\Mozilla
    2014-07-20 15:35 - 2014-07-25 16:06 - 00000000 ____D () C:\Program Files\pastaleads
    2014-07-20 15:35 - 2014-07-21 02:37 - 00000000 ____D () C:\ProgramData\pastaleads
    2014-07-20 15:28 - 2014-08-12 01:54 - 00000000 ____D () C:\ProgramData\Freemake
    2014-07-20 15:28 - 2014-07-20 15:29 - 00000000 ____D () C:\Users\RW-01\Documents\Freemake
    2014-07-20 15:27 - 2014-08-12 01:54 - 00000000 ____D () C:\Program Files\Freemake
    2014-07-20 14:59 - 2014-07-20 15:00 - 00000000 ____D () C:\Users\RW-01\Documents\Aimersoft Video Converter Ultimate
    2014-07-20 14:59 - 2014-07-20 14:59 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Aimersoft Video Converter Ultimate
    2014-07-20 14:59 - 2014-07-20 14:59 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
    2014-07-20 14:58 - 2014-07-20 15:13 - 00000000 ____D () C:\ProgramData\Aimersoft Video Converter Ultimate
    2014-07-20 14:58 - 2014-07-20 14:58 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Aimersoft
    2014-07-20 14:58 - 2014-07-20 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aimersoft
    2014-07-20 14:58 - 2014-07-20 14:58 - 00000000 ____D () C:\Program Files\Common Files\Aimersoft
    2014-07-20 14:58 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\system32\AiCM64.dll
    2014-07-20 14:58 - 2013-08-07 14:31 - 00214528 _____ () C:\Windows\system32\AiCM32.dll
    2014-07-20 01:38 - 2014-07-20 01:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-08-13 01:23 - 2014-08-13 01:23 - 00010495 _____ () C:\Users\RW-01\Desktop\FRST.txt
    2014-08-13 01:23 - 2014-08-13 01:22 - 00000000 ____D () C:\FRST
    2014-08-13 01:22 - 2014-08-13 01:22 - 01092096 _____ (Farbar) C:\Users\RW-01\Desktop\FRST.exe
    2014-08-13 01:18 - 2014-04-21 01:57 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-08-13 01:16 - 2014-07-21 02:16 - 00000292 _____ () C:\Windows\Tasks\Rocket Updater.job
    2014-08-13 01:09 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\rescache
    2014-08-13 01:08 - 2014-04-21 02:10 - 00000000 ____D () C:\ProgramData\CA
    2014-08-13 01:08 - 2014-04-21 01:57 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-08-13 01:08 - 2008-01-20 21:35 - 01160279 _____ () C:\Windows\WindowsUpdate.log
    2014-08-13 01:07 - 2014-04-23 18:37 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2014-08-13 01:07 - 2006-11-02 08:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2014-08-13 01:07 - 2006-11-02 08:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2014-08-13 01:01 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-08-13 01:00 - 2006-11-02 06:33 - 00758370 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-08-13 00:54 - 2014-04-21 02:13 - 00000000 ____D () C:\Windows\rnapxs
    2014-08-13 00:54 - 2008-01-20 22:47 - 00086146 _____ () C:\Windows\PFRO.log
    2014-08-13 00:54 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-08-13 00:54 - 2006-11-02 08:47 - 00374512 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-08-13 00:50 - 2014-04-21 02:50 - 00155356 _____ () C:\Windows\system32\Drivers\KmxAgent.asc
    2014-08-13 00:50 - 2006-11-02 09:01 - 00022502 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-08-13 00:50 - 2006-11-02 08:37 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-08-13 00:41 - 2014-04-21 00:40 - 00000000 ____D () C:\Windows\system32\MRT
    2014-08-13 00:30 - 2014-08-13 00:30 - 00000000 ____D () C:\Users\RW-01\Desktop\New Folder
    2014-08-13 00:30 - 2014-05-22 15:45 - 00000000 ____D () C:\Program Files\Solveig Multimedia
    2014-08-13 00:21 - 2014-05-22 15:32 - 00000000 ____D () C:\Program Files\NetDvr
    2014-08-13 00:10 - 2014-08-13 00:10 - 00001530 _____ () C:\Windows\pcsetup.log
    2014-08-13 00:10 - 2014-04-21 02:14 - 00006108 _____ () C:\Windows\system32\FDInstall.log
    2014-08-13 00:10 - 2014-04-21 01:56 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
    2014-08-13 00:10 - 2014-04-21 01:56 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
    2014-08-12 23:56 - 2014-04-22 20:25 - 00000000 ____D () C:\Windows\PCHEALTH
    2014-08-12 22:47 - 2014-08-12 22:47 - 34176936 _____ (Oracle Corporation) C:\Users\RW-01\Desktop\jre-8u11-windows-x64.exe
    2014-08-12 22:41 - 2014-08-12 22:07 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\FileZilla
    2014-08-12 22:07 - 2014-08-12 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
    2014-08-12 22:07 - 2014-08-12 22:07 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
    2014-08-12 01:54 - 2014-07-20 15:28 - 00000000 ____D () C:\ProgramData\Freemake
    2014-08-12 01:54 - 2014-07-20 15:27 - 00000000 ____D () C:\Program Files\Freemake
    2014-08-12 01:42 - 2014-08-12 00:58 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\jEdit
    2014-08-12 00:56 - 2014-08-02 11:30 - 00000000 ____D () C:\ProgramData\Oracle
    2014-08-12 00:54 - 2014-08-12 00:54 - 00000826 _____ () C:\Users\RW-01\Desktop\jEdit.lnk
    2014-08-12 00:54 - 2014-08-12 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jEdit
    2014-08-12 00:54 - 2014-08-12 00:53 - 00000000 ____D () C:\Program Files\jEdit
    2014-08-12 00:35 - 2014-08-12 00:35 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\WinRAR
    2014-08-12 00:33 - 2014-08-12 00:33 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2014-08-12 00:33 - 2014-08-12 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2014-08-12 00:33 - 2014-08-12 00:33 - 00000000 ____D () C:\Program Files\WinRAR
    2014-08-11 19:24 - 2014-04-21 00:20 - 00000000 ____D () C:\Users\RW-01
    2014-08-11 19:09 - 2014-05-22 12:16 - 00000000 ____D () C:\Program Files\MediaInfo
    2014-08-11 19:09 - 2014-04-23 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    2014-08-11 19:09 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\Msdtc
    2014-08-11 19:05 - 2014-05-30 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
    2014-08-11 19:05 - 2014-05-30 17:24 - 00000000 ____D () C:\Program Files\Coupons
    2014-08-11 19:05 - 2014-04-23 18:37 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
    2014-08-11 19:05 - 2014-04-21 19:16 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\IrfanView
    2014-08-11 19:05 - 2006-11-02 08:37 - 00000000 ____D () C:\Windows\ShellNew
    2014-08-11 19:05 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\spool
    2014-08-11 19:05 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\registration
    2014-08-11 19:05 - 2006-11-02 06:22 - 40370176 _____ () C:\Windows\system32\config\components_previous
    2014-08-11 19:05 - 2006-11-02 06:22 - 39321600 _____ () C:\Windows\system32\config\software_previous
    2014-08-11 19:05 - 2006-11-02 06:22 - 16515072 _____ () C:\Windows\system32\config\system_previous
    2014-08-11 19:05 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
    2014-08-11 19:05 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
    2014-08-11 19:05 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\default_previous
    2014-08-09 15:31 - 2006-11-02 08:52 - 00031080 _____ () C:\Windows\setupact.log
    2014-08-09 14:44 - 2014-08-09 14:44 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
    2014-08-09 14:44 - 2014-08-09 14:43 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Notepad++
    2014-08-09 14:44 - 2014-08-09 14:43 - 00000000 ____D () C:\Program Files\Notepad++
    2014-08-05 12:22 - 2014-08-05 10:42 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\DVD Flick
    2014-08-05 11:51 - 2014-08-05 10:51 - 00000000 ____D () C:\Users\RW-01\Documents\dvd
    2014-08-05 10:42 - 2014-08-05 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
    2014-08-05 10:42 - 2014-08-05 10:42 - 00000000 ____D () C:\Program Files\DVD Flick
    2014-08-05 10:31 - 2014-08-05 10:31 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Oracle
    2014-08-05 10:30 - 2014-08-05 10:30 - 00000000 ____D () C:\Program Files\Common Files\Java
    2014-08-02 11:30 - 2014-08-02 11:30 - 00000000 ____D () C:\ProgramData\Sun
    2014-07-31 23:42 - 2006-11-02 06:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2014-07-30 14:21 - 2014-07-30 14:21 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XviD
    2014-07-30 14:21 - 2014-07-30 14:21 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
    2014-07-30 14:21 - 2014-07-30 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
    2014-07-30 14:21 - 2014-07-30 14:20 - 00000000 ____D () C:\Program Files\AutoGK
    2014-07-30 14:21 - 2014-05-22 11:20 - 00000000 ____D () C:\Program Files\Common Files\Common Share
    2014-07-30 14:20 - 2014-07-30 14:20 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub
    2014-07-30 14:20 - 2014-07-30 14:20 - 00000000 ____D () C:\Program Files\Gabest
    2014-07-30 10:37 - 2014-07-30 10:37 - 00000000 ____D () C:\THE_LEGO_MOVIE
    2014-07-30 10:30 - 2014-07-30 10:30 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
    2014-07-30 10:30 - 2014-07-30 10:30 - 00000000 ____D () C:\Program Files\DVD Decrypter
    2014-07-29 22:13 - 2014-08-13 00:33 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-07-29 22:12 - 2014-08-13 00:33 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-07-29 22:12 - 2014-08-13 00:33 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 06119936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 03632128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
    2014-07-29 20:33 - 2014-08-13 00:33 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-07-29 20:25 - 2014-08-13 00:33 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-07-25 16:06 - 2014-07-20 15:35 - 00000000 ____D () C:\Program Files\pastaleads
    2014-07-25 16:05 - 2014-07-25 16:05 - 00000114 _____ () C:\Windows\wininit.ini
    2014-07-25 00:26 - 2014-08-13 00:33 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-07-24 22:53 - 2014-08-13 00:33 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-07-22 13:14 - 2014-07-22 13:12 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Apple Computer
    2014-07-22 13:12 - 2014-07-22 13:12 - 00001664 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Apple Computer
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\Apple Computer
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\Program Files\iTunes
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\Program Files\iPod
    2014-07-22 13:12 - 2014-07-22 13:10 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2014-07-22 13:11 - 2014-07-22 13:11 - 00001830 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2014-07-22 13:11 - 2014-07-22 13:11 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Apple
    2014-07-22 13:11 - 2014-07-22 13:11 - 00000000 ____D () C:\Program Files\Apple Software Update
    2014-07-22 13:11 - 2014-07-22 13:10 - 00000000 ____D () C:\ProgramData\Apple
    2014-07-22 13:10 - 2014-07-22 13:10 - 00000000 ____D () C:\Program Files\Bonjour
    2014-07-22 09:44 - 2014-05-22 12:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2014-07-22 09:44 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\tracing
    2014-07-21 13:31 - 2014-07-21 13:31 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Macromedia
    2014-07-21 12:48 - 2014-07-21 02:16 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\RocketUpdater
    2014-07-21 04:26 - 2014-07-21 04:26 - 00000000 ____D () C:\Windows\system32\Macromed
    2014-07-21 02:37 - 2014-07-20 15:35 - 00000000 ____D () C:\ProgramData\pastaleads
    2014-07-21 02:28 - 2014-07-21 02:28 - 00000000 ____D () C:\Users\RW-01\dwhelper
    2014-07-21 02:17 - 2014-07-21 02:17 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Mozilla
    2014-07-21 02:17 - 2014-07-21 02:17 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Mozilla
    2014-07-21 02:16 - 2014-07-21 02:16 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2014-07-21 02:16 - 2014-07-21 02:16 - 00000834 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-07-21 02:16 - 2014-07-21 02:16 - 00000000 ____D () C:\ProgramData\Mozilla
    2014-07-20 15:29 - 2014-07-20 15:28 - 00000000 ____D () C:\Users\RW-01\Documents\Freemake
    2014-07-20 15:13 - 2014-07-20 14:58 - 00000000 ____D () C:\ProgramData\Aimersoft Video Converter Ultimate
    2014-07-20 15:00 - 2014-07-20 14:59 - 00000000 ____D () C:\Users\RW-01\Documents\Aimersoft Video Converter Ultimate
    2014-07-20 14:59 - 2014-07-20 14:59 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Aimersoft Video Converter Ultimate
    2014-07-20 14:59 - 2014-07-20 14:59 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
    2014-07-20 14:58 - 2014-07-20 14:58 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Aimersoft
    2014-07-20 14:58 - 2014-07-20 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aimersoft
    2014-07-20 14:58 - 2014-07-20 14:58 - 00000000 ____D () C:\Program Files\Common Files\Aimersoft
    2014-07-20 01:38 - 2014-07-20 01:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

    Some content of TEMP:
    ====================
    C:\Users\RW-01\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.3.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-08-13 00:59

    ==================== End Of Log ============================
     
  4. 66vdub

    66vdub Registered Members

    Joined:
    Aug 13, 2014
    Messages:
    10
    Location:
    NC
    Operating System:
    Windows Vista Home Premium
    Computer Brand or Motherboard:
    ASUS M3A78-EM AM2+/AM2 AMD 780G HDMI Micro ATX AMD
    CPU:
    AMD Athlon 64 X2 5050e Brisbane Dual-Core 2.6GHz Socket AM2 45W Processor
    Memory:
    OCZ Reaper HPC Edition 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel Kit Desktop
    Hard Drive:
    PNY Optima Series 240GB SSD
    Graphics Card:
    integrated
    Power Supply:
    ModXStream Pro 500W 80Plus Semi-Modular High Performance
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:13-08-2014
    Ran by RW-01 at 2014-08-13 01:24:02
    Running from C:\Users\RW-01\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat 7.0 Standard (Version: 7.1.0 - Adobe Systems) Hidden
    Adobe Acrobat 7.1.0 Standard (HKLM\...\Adobe Acrobat 7.0 Standard - V) (Version: 7.1.0 - Adobe Systems)
    Adobe Acrobat Reader 3.01 (HKLM\...\Adobe Acrobat Reader 3.01) (Version: - )
    Adobe Photoshop Lightroom 4.4 (HKLM\...\{FA6F726E-AA8D-492A-B18A-A5945C337FCE}) (Version: 4.4.1 - Adobe)
    AnyDVD (HKLM\...\AnyDVD) (Version: 7.4.6.0 - SlySoft)
    Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
    CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
    Canon MF Toolbox 4.9.1.1.mf16 (HKLM\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf16 - CANON INC.)
    Canon MF4320-4350 (HKLM\...\{99A5569D-9F86-4f32-A227-1538B731DA42}) (Version: - )
    Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
    Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
    Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
    Canon Utilities Digital Photo Professional 3.10 (HKLM\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
    Canon Utilities EOS Sample Music (HKLM\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.)
    Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
    Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
    Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
    Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
    Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
    Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
    Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
    CloneDVD2 (HKLM\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
    Cool & Quiet (HKLM\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version: - )
    Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated)
    DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
    ffdshow v1.3.4500 [2013-01-06] (HKLM\...\ffdshow_is1) (Version: 1.3.4500.0 - )
    FileZilla Client 3.9.0.2 (HKLM\...\FileZilla Client) (Version: 3.9.0.2 - Tim Kosse)
    Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
    Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
    IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
    iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
    jEdit 5.2pre1 (HKLM\...\jEdit_is1) (Version: 5.2pre1 - Contributors)
    K-Lite Codec Pack 10.4.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.4.5 - )
    Malwarebytes' Anti-Malware (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: - Malwarebytes Corporation)
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    MediaInfo 0.7.69 (HKLM\...\MediaInfo) (Version: 0.7.69 - MediaArea.net)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Microsoft Office Professional Plus 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Mozilla Firefox 30.0 (x86 en-US) (HKLM\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    OJOsoft Total Video Converter (HKLM\...\OJOsoft Total Video Converter_is1) (Version: 2.7.2.1017 - OJOsoft)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
    WinRAR 5.11 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    02-08-2014 15:29:26 Installed Java 7 Update 65
    05-08-2014 14:29:23 Installed Java 7 Update 67
    06-08-2014 14:49:26 Scheduled Checkpoint
    07-08-2014 04:00:01 Scheduled Checkpoint
    08-08-2014 04:00:01 Scheduled Checkpoint
    09-08-2014 16:25:20 Scheduled Checkpoint
    11-08-2014 23:03:18 Restore Operation
    12-08-2014 04:55:45 Installed Java 7 Update 67
    13-08-2014 04:05:50 Removed Java 7 Update 67
    13-08-2014 04:08:02 Removed CouponPrinterPlugin
    13-08-2014 04:10:37 Removed CA Parental Controls
    13-08-2014 04:21:45 Removed NetDvr
    13-08-2014 04:33:30 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-11-02 06:23 - 2006-09-18 17:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    ::1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
    Task: {27D244EF-EF28-43A7-8F7B-B7FF0589CB20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-21] (Google Inc.)
    Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
    Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
    Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
    Task: {506A26BB-085A-42A2-B940-2E604261499C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-21] (Google Inc.)
    Task: {5358E260-8EEE-4DC2-9771-D4442D043BFB} - System32\Tasks\Rocket Updater => C:\Users\RW-01\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
    Task: {B8760D3E-0EEC-411F-B4F4-038AD9236DAF} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
    Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
    Task: {FCCA6D28-7541-4805-8CC4-8B431A1B56E6} - System32\Tasks\PastaQuotes => C:\Program Files\pastaleads\ScheduledTask.exe

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\RW-01\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

    ==================== Loaded Modules (whitelisted) =============

    2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-06-23 02:07 - 2014-06-23 02:07 - 00384920 _____ () C:\Program Files\pastaleads\PastaLeadsService.exe
    2014-07-31 11:22 - 2014-07-31 11:22 - 00035328 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
    2014-05-24 12:41 - 2014-05-24 12:41 - 00091648 _____ () C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
    2014-05-24 12:41 - 2014-05-24 12:41 - 00892416 _____ () C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
    2011-04-20 01:21 - 2011-04-20 01:21 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
    2014-07-18 04:24 - 2014-07-15 05:24 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll
    2014-07-18 04:24 - 2014-07-15 05:24 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
    2014-07-18 04:24 - 2014-07-15 05:24 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
    2014-04-21 19:19 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
    2014-04-21 19:19 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
    2014-07-18 04:24 - 2014-07-15 05:24 - 14664008 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk => C:\Windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup
    MSCONFIG\startupreg: Acrobat Assistant 7.0 => "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
    MSCONFIG\startupreg: cctray => "C:\Program Files\Total Defense\Internet Security Suite\casc.exe"
    MSCONFIG\startupreg: updateMgr => C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcStd7_1_0 -reboot 1
    MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (08/13/2014 00:54:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/13/2014 00:10:37 AM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {02e1da45-e189-4087-906d-e5256c10385b}

    Error: (08/12/2014 11:59:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/12/2014 09:04:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/11/2014 07:11:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/11/2014 07:09:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: -528

    Error: (08/11/2014 07:09:20 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: Catalog Database (1544) Catalog Database: Error -1811 occurred while opening logfile C:\Windows\system32\CatRoot2\edb0014A.log.

    Error: (08/11/2014 04:57:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/09/2014 03:32:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/09/2014 08:51:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (08/13/2014 00:50:29 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    Error: (08/12/2014 11:54:41 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    Error: (08/12/2014 11:54:38 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (08/12/2014 02:00:34 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    Error: (08/11/2014 07:11:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Windows Image Acquisition (WIA)

    Error: (08/11/2014 07:11:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: PastaQuotes

    Error: (08/11/2014 07:11:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Network List Service

    Error: (08/11/2014 07:11:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: IP Helper

    Error: (08/11/2014 07:11:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: 30000Eventlog

    Error: (08/11/2014 07:03:51 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2014-08-13 00:54:59.241
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:54:59.039
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:54:58.867
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:54:58.664
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:09:37.366
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\KmxAMRT.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:09:37.210
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\KmxAMRT.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:09:37.054
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\KmxAMRT.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:09:36.898
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\KmxAMRT.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-12 23:59:47.803
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-12 23:59:47.647
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) Dual Core Processor 5050e
    Percentage of memory in use: 48%
    Total physical RAM: 3326.18 MB
    Available physical RAM: 1718.94 MB
    Total Pagefile: 6874.92 MB
    Available Pagefile: 5267.25 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1904.22 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:223.57 GB) (Free:157.24 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: (Quick Start) (CDROM) (Total:0.29 GB) (Free:0 GB) CDFS
    Drive e: (TOSHIBA EXT) (Fixed) (Total:698.47 GB) (Free:476.67 GB) FAT32
    Drive g: () (Fixed) (Total:465.64 GB) (Free:147.04 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 224 GB) (Disk ID: C006EF4F)
    Partition 1: (Active) - (Size=224 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: D8703BAF)
    Partition 1: (Not Active) - (Size=699 GB) - (Type=0C)

    ========================================================
    Disk: 3 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: B1FF32A6)
    Partition 1: (Not Active) - (Size=466 GB) - (Type=0B)

    ==================== End Of Log ============================
     
  5. 66vdub

    66vdub Registered Members

    Joined:
    Aug 13, 2014
    Messages:
    10
    Location:
    NC
    Operating System:
    Windows Vista Home Premium
    Computer Brand or Motherboard:
    ASUS M3A78-EM AM2+/AM2 AMD 780G HDMI Micro ATX AMD
    CPU:
    AMD Athlon 64 X2 5050e Brisbane Dual-Core 2.6GHz Socket AM2 45W Processor
    Memory:
    OCZ Reaper HPC Edition 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel Kit Desktop
    Hard Drive:
    PNY Optima Series 240GB SSD
    Graphics Card:
    integrated
    Power Supply:
    ModXStream Pro 500W 80Plus Semi-Modular High Performance
    # AdwCleaner v3.304 - Report created 13/08/2014 at 01:34:49
    # Updated 08/08/2014 by Xplode
    # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Username : RW-01 - RW-01-PC
    # Running from : C:\Users\RW-01\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    Service Deleted : pastaleadsServiceCore

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\Aimersoft Video Converter Ultimate
    Folder Deleted : C:\ProgramData\pastaleads
    Folder Deleted : C:\Program Files\pastaleads
    Folder Deleted : C:\Users\RW-01\AppData\Roaming\Aimersoft Video Converter Ultimate
    Folder Deleted : C:\Users\RW-01\AppData\Roaming\RocketUpdater
    Folder Deleted : C:\Users\RW-01\Documents\Aimersoft Video Converter Ultimate
    File Deleted : C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage
    File Deleted : C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage-journal
    File Deleted : C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
    File Deleted : C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

    ***** [ Scheduled Tasks ] *****

    Task Deleted : Rocket Updater

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Deleted : HKCU\Software\Rocket Browser
    Key Deleted : HKCU\Software\RocketUpdater
    Key Deleted : HKCU\Software\WSE Rocket
    Key Deleted : HKLM\Software\InstallCore
    Key Deleted : HKLM\Software\NpApp

    ***** [ Browsers ] *****

    -\\ Internet Explorer v7.0.6002.18005


    -\\ Mozilla Firefox v30.0 (en-US)

    [ File : C:\Users\RW-01\AppData\Roaming\Mozilla\Firefox\Profiles\pw3qn2he.default\prefs.js ]


    -\\ Google Chrome v36.0.1985.125

    [ File : C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
    Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    Deleted [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj

    *************************

    AdwCleaner[R0].txt - [3407 octets] - [13/08/2014 01:33:09]
    AdwCleaner[S0].txt - [3398 octets] - [13/08/2014 01:34:49]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3458 octets] ##########
     
  6. 66vdub

    66vdub Registered Members

    Joined:
    Aug 13, 2014
    Messages:
    10
    Location:
    NC
    Operating System:
    Windows Vista Home Premium
    Computer Brand or Motherboard:
    ASUS M3A78-EM AM2+/AM2 AMD 780G HDMI Micro ATX AMD
    CPU:
    AMD Athlon 64 X2 5050e Brisbane Dual-Core 2.6GHz Socket AM2 45W Processor
    Memory:
    OCZ Reaper HPC Edition 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel Kit Desktop
    Hard Drive:
    PNY Optima Series 240GB SSD
    Graphics Card:
    integrated
    Power Supply:
    ModXStream Pro 500W 80Plus Semi-Modular High Performance
    AdwCleaner did find the pastaleads, and I guess when I selected "Clean", it was removed
    I will check back for responses.
    Thank you.
     
  7. allheart55 (Cindy E)

    allheart55 (Cindy E) Administrator Administrator

    Joined:
    Jun 11, 2009
    Messages:
    10,495
    Location:
    Pennsylvania
    Operating System:
    Windows 10
    Computer Brand or Motherboard:
    ASUS M4A77TD AM3 AMD 770 ATX AMD
    CPU:
    AMD Phenom II X6 1090T-Thuban 3.2GHz
    Memory:
    Crucial-DDR3 SDRAM 1333-8GB
    Hard Drive:
    WD Caviar Black SE HDD 640 GB - WD Caviar Black SE HDD 500 GB
    Graphics Card:
    Sapphire Radeon HD-7870 2GB
    Power Supply:
    CORSAIR CMPSU-750W
    Hello 66vdub and welcome to Computer Help Forums.

    I have notified our malware removal specialists and one of them will be along to assist you shortly.
     
  8. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi 66vdub

    Unfortunately you made a common mistake:
    You ran FRST before you ran AdwCleaner.

    This gives a false FRST report as some of the entries will now have been removed.
    I need an up to date set of FRST reports to see exactly what is left.

    Please re-run FRST.
    • Make sure that Addition.txt is selected at the bottom
    • Press Scan button.

      1b8c7ec40ba5fc57455a82d8388da693.png
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • It will also make another log (Addition.txt). Please copy and paste it to your reply also.

    Thanks
     
  9. 66vdub

    66vdub Registered Members

    Joined:
    Aug 13, 2014
    Messages:
    10
    Location:
    NC
    Operating System:
    Windows Vista Home Premium
    Computer Brand or Motherboard:
    ASUS M3A78-EM AM2+/AM2 AMD 780G HDMI Micro ATX AMD
    CPU:
    AMD Athlon 64 X2 5050e Brisbane Dual-Core 2.6GHz Socket AM2 45W Processor
    Memory:
    OCZ Reaper HPC Edition 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel Kit Desktop
    Hard Drive:
    PNY Optima Series 240GB SSD
    Graphics Card:
    integrated
    Power Supply:
    ModXStream Pro 500W 80Plus Semi-Modular High Performance
    Sorry about that...

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:13-08-2014
    Ran by RW-01 (administrator) on RW-01-PC on 13-08-2014 20:52:14
    Running from C:\Users\RW-01\Desktop
    Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
    Internet Explorer Version 7
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (Microsoft Corporation) C:\Windows\System32\SLsvc.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Coupons.com Inc.) C:\Program Files\Coupons\CouponPrinterService.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (AimerSoft) C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat_sl.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
    ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-0000-BA7E-100000000002}\SC_Acrobat.exe ()
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
    ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
    SearchScopes: HKCU - {5C5360F5-5F2D-4E4A-84B1-ABD053DB35A9} URL =
    BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    BHO: Aimersoft Video Converter Ultimate -> {54F73992-6549-4369-9A0D-84FD310A464A} -> C:\Program Files\Aimersoft\Video Converter Ultimate\SVRIEPlugin.dll No File
    BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Toolbar: HKCU - No Name - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No File
    Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 24.178.162.3 24.159.64.23 66.189.0.100

    FireFox:
    ========
    FF ProfilePath: C:\Users\RW-01\AppData\Roaming\Mozilla\Firefox\Profiles\pw3qn2he.default
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Extension: DownloadHelper - C:\Users\RW-01\AppData\Roaming\Mozilla\Firefox\Profiles\pw3qn2he.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-07-21]
    FF Extension: Firefox Old Version Update Hotfix - C:\Users\RW-01\AppData\Roaming\Mozilla\Firefox\Profiles\pw3qn2he.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-07-21]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-04-21]
    FF HKLM\...\Firefox\Extensions: [{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}] - C:\Program Files\Aimersoft\Video Converter Ultimate\SVRFirefoxExt

    Chrome:
    =======
    CHR HomePage: hxxp://my.yahoo.com/;_ylt=Av5SA2soZ_Sm8Kp2F1gLFX6vulI6
    CHR StartupUrls: "hxxp://my.yahoo.com/;_ylt=Av5SA2soZ_Sm8Kp2F1gLFX6vulI6"
    CHR Extension: (Google Docs) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-21]
    CHR Extension: (Google Drive) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-21]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
    CHR Extension: (YouTube) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-21]
    CHR Extension: (Adblock Plus) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-11]
    CHR Extension: (Google Search) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-21]
    CHR Extension: (Myibidder Auction Bid Sniper for eBay) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmebanjjkaohcmifehogijfgcoieefnp [2014-04-21]
    CHR Extension: (Google Wallet) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-21]
    CHR Extension: (Classic Blue Theme for Google Chrome™) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\oppbdedflbioggjkeneigjcmpomohajo [2014-08-02]
    CHR Extension: (Gmail) - C:\Users\RW-01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-21]
    CHR HKLM\...\Chrome\Extension: [mapcejffhcbidcjmomhalabpcbaeimcb] - C:\Program Files\Aimersoft\Video Converter Ultimate\SVRChromePlugin.crx [2014-04-21]
    CHR StartMenuInternet: Google Chrome - chrome.exe

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 CouponPrinterService; C:\Program Files\Coupons\CouponPrinterService.exe [152560 2014-02-13] (Coupons.com Inc.)
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [121000 2014-02-15] (SlySoft, Inc.)
    R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2014-04-21] ()
    R3 BCM43XX; C:\Windows\System32\DRIVERS\WMP54GSx86.sys [534016 2007-03-12] (Broadcom Corporation)
    R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
    R3 hcw85cir; C:\Windows\System32\drivers\hcw85cir3.sys [28160 2009-07-14] (Hauppauge Computer Works, Inc.)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-13] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
    R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2014-04-21] ()
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-08-13 01:39 - 2014-08-13 01:39 - 00003538 _____ () C:\Users\RW-01\Desktop\AdwCleaner[S0].txt
    2014-08-13 01:33 - 2014-08-13 01:35 - 00000000 ____D () C:\AdwCleaner
    2014-08-13 01:33 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
    2014-08-13 01:28 - 2014-08-13 01:40 - 00065228 _____ () C:\Users\RW-01\Desktop\post.txt
    2014-08-13 01:28 - 2014-08-13 01:28 - 01366203 _____ () C:\Users\RW-01\Desktop\AdwCleaner.exe
    2014-08-13 01:24 - 2014-08-13 01:24 - 00021988 _____ () C:\Users\RW-01\Desktop\Addition.txt
    2014-08-13 01:23 - 2014-08-13 20:52 - 00009796 _____ () C:\Users\RW-01\Desktop\FRST.txt
    2014-08-13 01:22 - 2014-08-13 20:52 - 00000000 ____D () C:\FRST
    2014-08-13 01:22 - 2014-08-13 01:22 - 01092096 _____ (Farbar) C:\Users\RW-01\Desktop\FRST.exe
    2014-08-13 00:37 - 2014-06-26 18:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
    2014-08-13 00:37 - 2014-06-26 18:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
    2014-08-13 00:37 - 2014-06-26 18:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
    2014-08-13 00:37 - 2014-06-06 00:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2014-08-13 00:33 - 2014-07-29 22:13 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-08-13 00:33 - 2014-07-29 22:12 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-08-13 00:33 - 2014-07-29 22:12 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 06119936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 03632128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-08-13 00:33 - 2014-07-29 22:11 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
    2014-08-13 00:33 - 2014-07-29 20:33 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-08-13 00:33 - 2014-07-29 20:25 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-08-13 00:33 - 2014-07-25 00:26 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-13 00:33 - 2014-07-24 22:53 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-13 00:33 - 2014-07-07 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-08-13 00:33 - 2014-06-13 20:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2014-08-13 00:33 - 2014-06-13 20:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
    2014-08-13 00:33 - 2014-06-06 04:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2014-08-13 00:33 - 2014-06-02 06:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-08-13 00:33 - 2014-06-02 06:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
    2014-08-13 00:33 - 2014-06-02 06:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2014-08-13 00:33 - 2014-06-02 06:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2014-08-13 00:33 - 2014-06-02 04:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2014-08-13 00:33 - 2014-05-30 02:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2014-08-13 00:33 - 2014-04-26 12:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2014-08-13 00:33 - 2014-04-04 23:23 - 00915392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2014-08-13 00:33 - 2014-04-04 21:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
    2014-08-13 00:33 - 2014-03-25 09:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2014-08-13 00:33 - 2014-03-09 21:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2014-08-13 00:33 - 2014-03-09 21:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-08-13 00:30 - 2014-08-13 00:30 - 00000000 ____D () C:\Users\RW-01\Desktop\New Folder
    2014-08-13 00:10 - 2014-08-13 00:10 - 00001530 _____ () C:\Windows\pcsetup.log
    2014-08-12 22:47 - 2014-08-12 22:47 - 34176936 _____ (Oracle Corporation) C:\Users\RW-01\Desktop\jre-8u11-windows-x64.exe
    2014-08-12 22:07 - 2014-08-12 22:41 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\FileZilla
    2014-08-12 22:07 - 2014-08-12 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
    2014-08-12 22:07 - 2014-08-12 22:07 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
    2014-08-12 00:58 - 2014-08-12 01:42 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\jEdit
    2014-08-12 00:54 - 2014-08-12 00:54 - 00000826 _____ () C:\Users\RW-01\Desktop\jEdit.lnk
    2014-08-12 00:54 - 2014-08-12 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jEdit
    2014-08-12 00:53 - 2014-08-12 00:54 - 00000000 ____D () C:\Program Files\jEdit
    2014-08-12 00:35 - 2014-08-12 00:35 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\WinRAR
    2014-08-12 00:33 - 2014-08-12 00:33 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2014-08-12 00:33 - 2014-08-12 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2014-08-12 00:33 - 2014-08-12 00:33 - 00000000 ____D () C:\Program Files\WinRAR
    2014-08-09 14:44 - 2014-08-09 14:44 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
    2014-08-09 14:43 - 2014-08-09 14:44 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Notepad++
    2014-08-09 14:43 - 2014-08-09 14:44 - 00000000 ____D () C:\Program Files\Notepad++
    2014-08-05 10:51 - 2014-08-05 11:51 - 00000000 ____D () C:\Users\RW-01\Documents\dvd
    2014-08-05 10:42 - 2014-08-05 12:22 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\DVD Flick
    2014-08-05 10:42 - 2014-08-05 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
    2014-08-05 10:42 - 2014-08-05 10:42 - 00000000 ____D () C:\Program Files\DVD Flick
    2014-08-05 10:31 - 2014-08-05 10:31 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Oracle
    2014-08-05 10:30 - 2014-08-05 10:30 - 00000000 ____D () C:\Program Files\Common Files\Java
    2014-08-02 11:30 - 2014-08-12 00:56 - 00000000 ____D () C:\ProgramData\Oracle
    2014-08-02 11:30 - 2014-08-02 11:30 - 00000000 ____D () C:\ProgramData\Sun
    2014-07-30 14:21 - 2014-07-30 14:21 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XviD
    2014-07-30 14:21 - 2014-07-30 14:21 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
    2014-07-30 14:21 - 2014-07-30 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
    2014-07-30 14:20 - 2014-07-30 14:21 - 00000000 ____D () C:\Program Files\AutoGK
    2014-07-30 14:20 - 2014-07-30 14:20 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub
    2014-07-30 14:20 - 2014-07-30 14:20 - 00000000 ____D () C:\Program Files\Gabest
    2014-07-30 10:30 - 2014-07-30 10:30 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
    2014-07-30 10:30 - 2014-07-30 10:30 - 00000000 ____D () C:\Program Files\DVD Decrypter
    2014-07-25 16:05 - 2014-07-25 16:05 - 00000114 _____ () C:\Windows\wininit.ini
    2014-07-22 13:12 - 2014-07-22 13:14 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Apple Computer
    2014-07-22 13:12 - 2014-07-22 13:12 - 00001664 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Apple Computer
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\Apple Computer
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\Program Files\iTunes
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\Program Files\iPod
    2014-07-22 13:12 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
    2014-07-22 13:11 - 2014-07-22 13:11 - 00001830 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2014-07-22 13:11 - 2014-07-22 13:11 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Apple
    2014-07-22 13:11 - 2014-07-22 13:11 - 00000000 ____D () C:\Program Files\Apple Software Update
    2014-07-22 13:10 - 2014-07-22 13:12 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2014-07-22 13:10 - 2014-07-22 13:11 - 00000000 ____D () C:\ProgramData\Apple
    2014-07-22 13:10 - 2014-07-22 13:10 - 00000000 ____D () C:\Program Files\Bonjour
    2014-07-21 13:31 - 2014-07-21 13:31 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Macromedia
    2014-07-21 04:26 - 2014-07-21 04:26 - 00000000 ____D () C:\Windows\system32\Macromed
    2014-07-21 02:28 - 2014-07-21 02:28 - 00000000 ____D () C:\Users\RW-01\dwhelper
    2014-07-21 02:17 - 2014-07-21 02:17 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Mozilla
    2014-07-21 02:17 - 2014-07-21 02:17 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Mozilla
    2014-07-21 02:16 - 2014-07-21 02:16 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2014-07-21 02:16 - 2014-07-21 02:16 - 00000834 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-07-21 02:16 - 2014-07-21 02:16 - 00000000 ____D () C:\ProgramData\Mozilla
    2014-07-20 15:28 - 2014-08-12 01:54 - 00000000 ____D () C:\ProgramData\Freemake
    2014-07-20 15:28 - 2014-07-20 15:29 - 00000000 ____D () C:\Users\RW-01\Documents\Freemake
    2014-07-20 15:27 - 2014-08-12 01:54 - 00000000 ____D () C:\Program Files\Freemake
    2014-07-20 14:59 - 2014-07-20 14:59 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
    2014-07-20 14:58 - 2014-07-20 14:58 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Aimersoft
    2014-07-20 14:58 - 2014-07-20 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aimersoft
    2014-07-20 14:58 - 2014-07-20 14:58 - 00000000 ____D () C:\Program Files\Common Files\Aimersoft
    2014-07-20 14:58 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\system32\AiCM64.dll
    2014-07-20 14:58 - 2013-08-07 14:31 - 00214528 _____ () C:\Windows\system32\AiCM32.dll
    2014-07-20 01:38 - 2014-07-20 01:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-08-13 20:52 - 2014-08-13 01:23 - 00009796 _____ () C:\Users\RW-01\Desktop\FRST.txt
    2014-08-13 20:52 - 2014-08-13 01:22 - 00000000 ____D () C:\FRST
    2014-08-13 20:51 - 2006-11-02 06:33 - 00758370 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-08-13 20:50 - 2008-01-20 21:35 - 01176925 _____ () C:\Windows\WindowsUpdate.log
    2014-08-13 20:47 - 2014-04-23 18:37 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2014-08-13 20:47 - 2014-04-21 01:57 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-08-13 20:46 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-08-13 20:46 - 2006-11-02 08:47 - 00374512 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-08-13 20:46 - 2006-11-02 08:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2014-08-13 20:46 - 2006-11-02 08:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2014-08-13 03:05 - 2006-11-02 09:01 - 00023254 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-08-13 02:19 - 2014-04-21 01:57 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-08-13 01:40 - 2014-08-13 01:28 - 00065228 _____ () C:\Users\RW-01\Desktop\post.txt
    2014-08-13 01:39 - 2014-08-13 01:39 - 00003538 _____ () C:\Users\RW-01\Desktop\AdwCleaner[S0].txt
    2014-08-13 01:36 - 2008-01-20 22:47 - 00086456 _____ () C:\Windows\PFRO.log
    2014-08-13 01:35 - 2014-08-13 01:33 - 00000000 ____D () C:\AdwCleaner
    2014-08-13 01:28 - 2014-08-13 01:28 - 01366203 _____ () C:\Users\RW-01\Desktop\AdwCleaner.exe
    2014-08-13 01:24 - 2014-08-13 01:24 - 00021988 _____ () C:\Users\RW-01\Desktop\Addition.txt
    2014-08-13 01:22 - 2014-08-13 01:22 - 01092096 _____ (Farbar) C:\Users\RW-01\Desktop\FRST.exe
    2014-08-13 01:09 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\rescache
    2014-08-13 01:01 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-08-13 00:54 - 2014-04-21 02:13 - 00000000 ____D () C:\Windows\rnapxs
    2014-08-13 00:50 - 2014-04-21 02:50 - 00155356 _____ () C:\Windows\system32\Drivers\KmxAgent.asc
    2014-08-13 00:50 - 2006-11-02 08:37 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-08-13 00:41 - 2014-04-21 00:40 - 00000000 ____D () C:\Windows\system32\MRT
    2014-08-13 00:30 - 2014-08-13 00:30 - 00000000 ____D () C:\Users\RW-01\Desktop\New Folder
    2014-08-13 00:30 - 2014-05-22 15:45 - 00000000 ____D () C:\Program Files\Solveig Multimedia
    2014-08-13 00:21 - 2014-05-22 15:32 - 00000000 ____D () C:\Program Files\NetDvr
    2014-08-13 00:10 - 2014-08-13 00:10 - 00001530 _____ () C:\Windows\pcsetup.log
    2014-08-13 00:10 - 2014-04-21 02:14 - 00006108 _____ () C:\Windows\system32\FDInstall.log
    2014-08-13 00:10 - 2014-04-21 01:56 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
    2014-08-13 00:10 - 2014-04-21 01:56 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
    2014-08-12 23:56 - 2014-04-22 20:25 - 00000000 ____D () C:\Windows\PCHEALTH
    2014-08-12 22:47 - 2014-08-12 22:47 - 34176936 _____ (Oracle Corporation) C:\Users\RW-01\Desktop\jre-8u11-windows-x64.exe
    2014-08-12 22:41 - 2014-08-12 22:07 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\FileZilla
    2014-08-12 22:07 - 2014-08-12 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
    2014-08-12 22:07 - 2014-08-12 22:07 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
    2014-08-12 01:54 - 2014-07-20 15:28 - 00000000 ____D () C:\ProgramData\Freemake
    2014-08-12 01:54 - 2014-07-20 15:27 - 00000000 ____D () C:\Program Files\Freemake
    2014-08-12 01:42 - 2014-08-12 00:58 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\jEdit
    2014-08-12 00:56 - 2014-08-02 11:30 - 00000000 ____D () C:\ProgramData\Oracle
    2014-08-12 00:54 - 2014-08-12 00:54 - 00000826 _____ () C:\Users\RW-01\Desktop\jEdit.lnk
    2014-08-12 00:54 - 2014-08-12 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jEdit
    2014-08-12 00:54 - 2014-08-12 00:53 - 00000000 ____D () C:\Program Files\jEdit
    2014-08-12 00:35 - 2014-08-12 00:35 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\WinRAR
    2014-08-12 00:33 - 2014-08-12 00:33 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    2014-08-12 00:33 - 2014-08-12 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    2014-08-12 00:33 - 2014-08-12 00:33 - 00000000 ____D () C:\Program Files\WinRAR
    2014-08-11 19:24 - 2014-04-21 00:20 - 00000000 ____D () C:\Users\RW-01
    2014-08-11 19:09 - 2014-05-22 12:16 - 00000000 ____D () C:\Program Files\MediaInfo
    2014-08-11 19:09 - 2014-04-23 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    2014-08-11 19:09 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\Msdtc
    2014-08-11 19:05 - 2014-05-30 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
    2014-08-11 19:05 - 2014-05-30 17:24 - 00000000 ____D () C:\Program Files\Coupons
    2014-08-11 19:05 - 2014-04-23 18:37 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
    2014-08-11 19:05 - 2014-04-21 19:16 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\IrfanView
    2014-08-11 19:05 - 2006-11-02 08:37 - 00000000 ____D () C:\Windows\ShellNew
    2014-08-11 19:05 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\system32\spool
    2014-08-11 19:05 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\registration
    2014-08-11 19:05 - 2006-11-02 06:22 - 40370176 _____ () C:\Windows\system32\config\components_previous
    2014-08-11 19:05 - 2006-11-02 06:22 - 39321600 _____ () C:\Windows\system32\config\software_previous
    2014-08-11 19:05 - 2006-11-02 06:22 - 16515072 _____ () C:\Windows\system32\config\system_previous
    2014-08-11 19:05 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
    2014-08-11 19:05 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
    2014-08-11 19:05 - 2006-11-02 06:22 - 00262144 _____ () C:\Windows\system32\config\default_previous
    2014-08-09 15:31 - 2006-11-02 08:52 - 00031080 _____ () C:\Windows\setupact.log
    2014-08-09 14:44 - 2014-08-09 14:44 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
    2014-08-09 14:44 - 2014-08-09 14:43 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Notepad++
    2014-08-09 14:44 - 2014-08-09 14:43 - 00000000 ____D () C:\Program Files\Notepad++
    2014-08-05 12:22 - 2014-08-05 10:42 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\DVD Flick
    2014-08-05 11:51 - 2014-08-05 10:51 - 00000000 ____D () C:\Users\RW-01\Documents\dvd
    2014-08-05 10:42 - 2014-08-05 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
    2014-08-05 10:42 - 2014-08-05 10:42 - 00000000 ____D () C:\Program Files\DVD Flick
    2014-08-05 10:31 - 2014-08-05 10:31 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Oracle
    2014-08-05 10:30 - 2014-08-05 10:30 - 00000000 ____D () C:\Program Files\Common Files\Java
    2014-08-02 11:30 - 2014-08-02 11:30 - 00000000 ____D () C:\ProgramData\Sun
    2014-07-31 23:42 - 2006-11-02 06:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2014-07-30 14:21 - 2014-07-30 14:21 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XviD
    2014-07-30 14:21 - 2014-07-30 14:21 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
    2014-07-30 14:21 - 2014-07-30 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
    2014-07-30 14:21 - 2014-07-30 14:20 - 00000000 ____D () C:\Program Files\AutoGK
    2014-07-30 14:21 - 2014-05-22 11:20 - 00000000 ____D () C:\Program Files\Common Files\Common Share
    2014-07-30 14:20 - 2014-07-30 14:20 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub
    2014-07-30 14:20 - 2014-07-30 14:20 - 00000000 ____D () C:\Program Files\Gabest
    2014-07-30 10:30 - 2014-07-30 10:30 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
    2014-07-30 10:30 - 2014-07-30 10:30 - 00000000 ____D () C:\Program Files\DVD Decrypter
    2014-07-29 22:13 - 2014-08-13 00:33 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-07-29 22:12 - 2014-08-13 00:33 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-07-29 22:12 - 2014-08-13 00:33 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 06119936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 03632128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-07-29 22:11 - 2014-08-13 00:33 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
    2014-07-29 20:33 - 2014-08-13 00:33 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-07-29 20:25 - 2014-08-13 00:33 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-07-25 16:05 - 2014-07-25 16:05 - 00000114 _____ () C:\Windows\wininit.ini
    2014-07-25 00:26 - 2014-08-13 00:33 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-07-24 22:53 - 2014-08-13 00:33 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-07-22 13:14 - 2014-07-22 13:12 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Apple Computer
    2014-07-22 13:12 - 2014-07-22 13:12 - 00001664 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Apple Computer
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\Apple Computer
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\Program Files\iTunes
    2014-07-22 13:12 - 2014-07-22 13:12 - 00000000 ____D () C:\Program Files\iPod
    2014-07-22 13:12 - 2014-07-22 13:10 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2014-07-22 13:11 - 2014-07-22 13:11 - 00001830 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2014-07-22 13:11 - 2014-07-22 13:11 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Apple
    2014-07-22 13:11 - 2014-07-22 13:11 - 00000000 ____D () C:\Program Files\Apple Software Update
    2014-07-22 13:11 - 2014-07-22 13:10 - 00000000 ____D () C:\ProgramData\Apple
    2014-07-22 13:10 - 2014-07-22 13:10 - 00000000 ____D () C:\Program Files\Bonjour
    2014-07-22 09:44 - 2014-05-22 12:16 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2014-07-22 09:44 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\tracing
    2014-07-21 13:31 - 2014-07-21 13:31 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Macromedia
    2014-07-21 04:26 - 2014-07-21 04:26 - 00000000 ____D () C:\Windows\system32\Macromed
    2014-07-21 02:28 - 2014-07-21 02:28 - 00000000 ____D () C:\Users\RW-01\dwhelper
    2014-07-21 02:17 - 2014-07-21 02:17 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\Mozilla
    2014-07-21 02:17 - 2014-07-21 02:17 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Mozilla
    2014-07-21 02:16 - 2014-07-21 02:16 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2014-07-21 02:16 - 2014-07-21 02:16 - 00000834 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-07-21 02:16 - 2014-07-21 02:16 - 00000000 ____D () C:\ProgramData\Mozilla
    2014-07-20 15:29 - 2014-07-20 15:28 - 00000000 ____D () C:\Users\RW-01\Documents\Freemake
    2014-07-20 14:59 - 2014-07-20 14:59 - 00000000 ____D () C:\Users\RW-01\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
    2014-07-20 14:58 - 2014-07-20 14:58 - 00000000 ____D () C:\Users\RW-01\AppData\Local\Aimersoft
    2014-07-20 14:58 - 2014-07-20 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aimersoft
    2014-07-20 14:58 - 2014-07-20 14:58 - 00000000 ____D () C:\Program Files\Common Files\Aimersoft
    2014-07-20 01:38 - 2014-07-20 01:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

    Some content of TEMP:
    ====================
    C:\Users\RW-01\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.3.exe
    C:\Users\RW-01\AppData\Local\Temp\Quarantine.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-08-13 20:52

    ==================== End Of Log ============================
     
  10. 66vdub

    66vdub Registered Members

    Joined:
    Aug 13, 2014
    Messages:
    10
    Location:
    NC
    Operating System:
    Windows Vista Home Premium
    Computer Brand or Motherboard:
    ASUS M3A78-EM AM2+/AM2 AMD 780G HDMI Micro ATX AMD
    CPU:
    AMD Athlon 64 X2 5050e Brisbane Dual-Core 2.6GHz Socket AM2 45W Processor
    Memory:
    OCZ Reaper HPC Edition 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel Kit Desktop
    Hard Drive:
    PNY Optima Series 240GB SSD
    Graphics Card:
    integrated
    Power Supply:
    ModXStream Pro 500W 80Plus Semi-Modular High Performance
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:13-08-2014
    Ran by RW-01 at 2014-08-13 20:52:35
    Running from C:\Users\RW-01\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat 7.0 Standard (Version: 7.1.0 - Adobe Systems) Hidden
    Adobe Acrobat 7.1.0 Standard (HKLM\...\Adobe Acrobat 7.0 Standard - V) (Version: 7.1.0 - Adobe Systems)
    Adobe Acrobat Reader 3.01 (HKLM\...\Adobe Acrobat Reader 3.01) (Version: - )
    Adobe Photoshop Lightroom 4.4 (HKLM\...\{FA6F726E-AA8D-492A-B18A-A5945C337FCE}) (Version: 4.4.1 - Adobe)
    AnyDVD (HKLM\...\AnyDVD) (Version: 7.4.6.0 - SlySoft)
    Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
    CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
    Canon MF Toolbox 4.9.1.1.mf16 (HKLM\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf16 - CANON INC.)
    Canon MF4320-4350 (HKLM\...\{99A5569D-9F86-4f32-A227-1538B731DA42}) (Version: - )
    Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
    Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
    Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
    Canon Utilities Digital Photo Professional 3.10 (HKLM\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
    Canon Utilities EOS Sample Music (HKLM\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.)
    Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
    Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
    Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
    Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
    Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
    Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
    Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
    CloneDVD2 (HKLM\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
    Cool & Quiet (HKLM\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version: - )
    Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated)
    DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
    ffdshow v1.3.4500 [2013-01-06] (HKLM\...\ffdshow_is1) (Version: 1.3.4500.0 - )
    FileZilla Client 3.9.0.2 (HKLM\...\FileZilla Client) (Version: 3.9.0.2 - Tim Kosse)
    Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
    Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
    IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
    iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
    jEdit 5.2pre1 (HKLM\...\jEdit_is1) (Version: 5.2pre1 - Contributors)
    K-Lite Codec Pack 10.4.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.4.5 - )
    Malwarebytes' Anti-Malware (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: - Malwarebytes Corporation)
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    MediaInfo 0.7.69 (HKLM\...\MediaInfo) (Version: 0.7.69 - MediaArea.net)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Microsoft Office Professional Plus 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Mozilla Firefox 30.0 (x86 en-US) (HKLM\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    OJOsoft Total Video Converter (HKLM\...\OJOsoft Total Video Converter_is1) (Version: 2.7.2.1017 - OJOsoft)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
    WinRAR 5.11 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    02-08-2014 15:29:26 Installed Java 7 Update 65
    05-08-2014 14:29:23 Installed Java 7 Update 67
    06-08-2014 14:49:26 Scheduled Checkpoint
    07-08-2014 04:00:01 Scheduled Checkpoint
    08-08-2014 04:00:01 Scheduled Checkpoint
    09-08-2014 16:25:20 Scheduled Checkpoint
    11-08-2014 23:03:18 Restore Operation
    12-08-2014 04:55:45 Installed Java 7 Update 67
    13-08-2014 04:05:50 Removed Java 7 Update 67
    13-08-2014 04:08:02 Removed CouponPrinterPlugin
    13-08-2014 04:10:37 Removed CA Parental Controls
    13-08-2014 04:21:45 Removed NetDvr
    13-08-2014 04:33:30 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-11-02 06:23 - 2006-09-18 17:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    ::1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
    Task: {27D244EF-EF28-43A7-8F7B-B7FF0589CB20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-21] (Google Inc.)
    Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
    Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
    Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
    Task: {506A26BB-085A-42A2-B940-2E604261499C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-21] (Google Inc.)
    Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
    Task: {B8760D3E-0EEC-411F-B4F4-038AD9236DAF} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
    Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
    Task: {FCCA6D28-7541-4805-8CC4-8B431A1B56E6} - System32\Tasks\PastaQuotes => C:\Program Files\pastaleads\ScheduledTask.exe

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-07-31 11:22 - 2014-07-31 11:22 - 00035328 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
    2014-05-24 12:41 - 2014-05-24 12:41 - 00091648 _____ () C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
    2014-05-24 12:41 - 2014-05-24 12:41 - 00892416 _____ () C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
    2014-07-20 14:58 - 2013-08-07 14:31 - 00214528 _____ () C:\Windows\System32\AiCM32.dll
    2011-04-20 01:21 - 2011-04-20 01:21 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk => C:\Windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup
    MSCONFIG\startupreg: Acrobat Assistant 7.0 => "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
    MSCONFIG\startupreg: cctray => "C:\Program Files\Total Defense\Internet Security Suite\casc.exe"
    MSCONFIG\startupreg: updateMgr => C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcStd7_1_0 -reboot 1
    MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (08/13/2014 08:47:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/13/2014 01:38:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/13/2014 00:54:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/13/2014 00:10:37 AM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {02e1da45-e189-4087-906d-e5256c10385b}

    Error: (08/12/2014 11:59:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/12/2014 09:04:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/11/2014 07:11:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (08/11/2014 07:09:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: -528

    Error: (08/11/2014 07:09:20 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: Catalog Database (1544) Catalog Database: Error -1811 occurred while opening logfile C:\Windows\system32\CatRoot2\edb0014A.log.

    Error: (08/11/2014 04:57:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


    System errors:
    =============
    Error: (08/13/2014 03:05:32 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    Error: (08/13/2014 01:35:57 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    Error: (08/13/2014 00:50:29 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    Error: (08/12/2014 11:54:41 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    Error: (08/12/2014 11:54:38 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

    Error: (08/12/2014 02:00:34 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    Error: (08/11/2014 07:11:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Windows Image Acquisition (WIA)

    Error: (08/11/2014 07:11:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: PastaQuotes

    Error: (08/11/2014 07:11:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Network List Service

    Error: (08/11/2014 07:11:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: IP Helper


    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2014-08-13 20:47:15.054
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 01:38:08.374
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:54:59.241
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:54:59.039
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:54:58.867
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:54:58.664
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:09:37.366
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\KmxAMRT.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:09:37.210
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\KmxAMRT.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:09:37.054
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\KmxAMRT.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-08-13 00:09:36.898
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\KmxAMRT.sys because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) Dual Core Processor 5050e
    Percentage of memory in use: 34%
    Total physical RAM: 3326.18 MB
    Available physical RAM: 2163.41 MB
    Total Pagefile: 6880.89 MB
    Available Pagefile: 5788.3 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1918.94 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:223.57 GB) (Free:157.15 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: (Quick Start) (CDROM) (Total:0.29 GB) (Free:0 GB) CDFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 224 GB) (Disk ID: C006EF4F)
    Partition 1: (Active) - (Size=224 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  11. Rich M

    Rich M Guest

    Joined:
    Dec 24, 2013
    Messages:
    4,580
    Location:
    NE Pa USA
    Operating System:
    Windows 7
    Computer Brand or Motherboard:
    MSI Z97 PC Mate LGA 1150 Intel Z97
    CPU:
    Intel i7 4790K 4.0Ghz
    Memory:
    Corsair Vengeance 16GB (2x8GB) DDR3 2133
    Hard Drive:
    Crucial 256 Gb SSD+ WD Raptor 300 Gb Sata III
    Graphics Card:
    Radeon R9 280 2GB HDMI
    Power Supply:
    Seasonic 750 watt
    Please be patient Starbuck is having issues trying to reply to you.
     
  12. 66vdub

    66vdub Registered Members

    Joined:
    Aug 13, 2014
    Messages:
    10
    Location:
    NC
    Operating System:
    Windows Vista Home Premium
    Computer Brand or Motherboard:
    ASUS M3A78-EM AM2+/AM2 AMD 780G HDMI Micro ATX AMD
    CPU:
    AMD Athlon 64 X2 5050e Brisbane Dual-Core 2.6GHz Socket AM2 45W Processor
    Memory:
    OCZ Reaper HPC Edition 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel Kit Desktop
    Hard Drive:
    PNY Optima Series 240GB SSD
    Graphics Card:
    integrated
    Power Supply:
    ModXStream Pro 500W 80Plus Semi-Modular High Performance
    No Problem...
    Thanks for the update.
     
  13. umar

    umar Owner Administrator

    Joined:
    Jul 11, 2014
    Messages:
    452
    Operating System:
    Windows 7
    Computer Brand or Motherboard:
    HP ProBook 4540s
    CPU:
    Intel® Core™ i5
    66vdub

    Starbuck is facing problems in posting because of our web host. We may try to reply to you through some other medium.
     
  14. 66vdub

    66vdub Registered Members

    Joined:
    Aug 13, 2014
    Messages:
    10
    Location:
    NC
    Operating System:
    Windows Vista Home Premium
    Computer Brand or Motherboard:
    ASUS M3A78-EM AM2+/AM2 AMD 780G HDMI Micro ATX AMD
    CPU:
    AMD Athlon 64 X2 5050e Brisbane Dual-Core 2.6GHz Socket AM2 45W Processor
    Memory:
    OCZ Reaper HPC Edition 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel Kit Desktop
    Hard Drive:
    PNY Optima Series 240GB SSD
    Graphics Card:
    integrated
    Power Supply:
    ModXStream Pro 500W 80Plus Semi-Modular High Performance
    Thanks for update umar.
     

Share This Page