Results 1 to 5 of 5

Thread: adverttraff.exe malware

  1. #1
    Junior Member
    Join Date
    Oct 2014
    Posts
    3

    Question adverttraff.exe malware

    I need help to delete this problem because every time I start my computer the program starts my browser up and directs me to play-toolbar.org/game-toolbar.org.

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014 01
    Ran by Domo robo (administrator) on DOMOROBO-PC on 02-10-2014 12:06:20
    Running from C:\Users\Domo robo\Desktop\New folder
    Loaded Profile: Domo robo (Available profiles: Domo robo)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
    (Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
    (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
    HKU\S-1-5-21-3398392952-925762368-1090278300-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
    HKU\S-1-5-21-3398392952-925762368-1090278300-1000\...\Run: [uTorrent] => C:\Users\Domo robo\AppData\Roaming\uTorrent\uTorrent.exe [1416016 2014-09-18] (BitTorrent Inc.)
    HKU\S-1-5-21-3398392952-925762368-1090278300-1000\...\RunOnce: [Uninstall C:\Users\Domo robo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Domo robo\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
    HKU\S-1-5-21-3398392952-925762368-1090278300-1000\...\MountPoints2: {c1a02a52-aede-11e2-8195-90e6baca34fd} - D:\Setup.exe
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x347633568D0ACF01
    SearchScopes: HKCU - {87C885DA-0B91-4D35-A53A-D2B3BDAAF1E6} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=293224&p={searchTerms}
    BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Domo robo\AppData\Roaming\Mozilla\Firefox\Profiles\19ie95yb.default-1390688603546
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Domo robo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Domo robo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Extension: WOT - C:\Users\Domo robo\AppData\Roaming\Mozilla\Firefox\Profiles\19ie95yb.default-1390688603546\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-04-13]
    FF Extension: Adblock Plus Pop-up Addon - C:\Users\Domo robo\AppData\Roaming\Mozilla\Firefox\Profiles\19ie95yb.default-1390688603546\Extensions\adblockpopups@jessehakanen.net.xpi [2014-01-25]
    FF Extension: Adblock Plus - C:\Users\Domo robo\AppData\Roaming\Mozilla\Firefox\Profiles\19ie95yb.default-1390688603546\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-25]
    FF Extension: Adblock Edge - C:\Users\Domo robo\AppData\Roaming\Mozilla\Firefox\Profiles\19ie95yb.default-1390688603546\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-01-25]
    FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-05-19]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-29]
    FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

    Chrome:
    =======
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Users\Domo robo\AppData\Local\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Domo robo\AppData\Local\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Users\Domo robo\AppData\Local\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
    CHR Plugin: (Google Update) - C:\Users\Domo robo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
    CHR Profile: C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Angry Birds) - C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-04-30]
    CHR Extension: (Google Drive) - C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-30]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
    CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-08]
    CHR Extension: (Google Calendar) - C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-04-30]
    CHR Extension: (AdBlock) - C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-08]
    CHR Extension: (avast! Online Security) - C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-29]
    CHR Extension: (No Name) - C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2013-04-30]
    CHR Extension: (Craigslist) - C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfhkdighkjbghfkkelkgdlmbkjopoali [2013-04-30]
    CHR Extension: (Steam Theme) - C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcphcjcjgkjmbphkfjleamgkinaeebnm [2013-04-30]
    CHR Extension: (Google Wallet) - C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
    CHR Extension: (Gmail) - C:\Users\Domo robo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-30]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-01]
    CHR StartMenuInternet: Google Chrome - C:\Users\Domo robo\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
    R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
    R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-01] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-01] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-01] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-01] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-01] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-01] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-01] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-01] ()
    R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-27] (DT Soft Ltd)
    R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
    R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
    S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-10-02 12:05 - 2014-10-02 12:06 - 00000000 ____D () C:\Users\Domo robo\Desktop\New folder
    2014-10-02 00:58 - 2014-10-02 00:58 - 00000000 ____D () C:\Windows\Microsoft Antimalware
    2014-10-01 23:30 - 2014-10-01 23:32 - 00000000 ____D () C:\Users\Domo robo\Desktop\New folder (3)
    2014-10-01 23:29 - 2014-10-01 23:29 - 00913408 _____ (Microsoft Corporation) C:\Users\Domo robo\Desktop\mssstool64.exe
    2014-10-01 22:40 - 2014-10-02 11:09 - 00003338 _____ () C:\Windows\PFRO.log
    2014-10-01 22:33 - 2014-10-01 22:57 - 00000000 ____D () C:\Users\Domo robo\Downloads\Middle-earth Shadow of Mordor [RePack]
    2014-10-01 21:51 - 2014-10-01 21:51 - 01375089 _____ () C:\Users\Domo robo\Desktop\adwcleaner_3.311.exe
    2014-10-01 21:50 - 2014-10-01 21:50 - 00000000 ____D () C:\Users\Domo robo\Desktop\antimalware
    2014-10-01 21:41 - 2014-10-01 21:41 - 00000000 ____D () C:\Users\Domo robo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
    2014-10-01 21:41 - 2014-10-01 21:41 - 00000000 ____D () C:\Users\Domo robo\AppData\Roaming\GHISLER
    2014-10-01 21:41 - 2014-10-01 21:41 - 00000000 ____D () C:\totalcmd
    2014-10-01 20:13 - 2014-10-01 20:13 - 00000000 ____D () C:\Users\Domo robo\AppData\Roaming\Safer Networking
    2014-10-01 20:12 - 2014-10-01 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking
    2014-10-01 20:12 - 2014-10-01 20:14 - 00000000 ____D () C:\Program Files (x86)\Safer Networking
    2014-10-01 20:06 - 2014-10-02 11:09 - 00000672 _____ () C:\Windows\setupact.log
    2014-10-01 20:06 - 2014-10-01 20:06 - 00000000 _____ () C:\Windows\setuperr.log
    2014-10-01 10:10 - 2014-10-01 20:14 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-10-01 10:10 - 2014-10-01 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
    2014-10-01 10:10 - 2014-10-01 10:10 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
    2014-09-30 20:05 - 2014-09-30 20:05 - 00000000 ____D () C:\Users\Domo robo\Desktop\New folder (2)
    2014-09-30 19:26 - 2014-10-01 10:27 - 00000000 ____D () C:\Users\Domo robo\Desktop\bus 495
    2014-09-30 19:25 - 2014-09-30 20:39 - 1612926347 ____R () C:\Users\Domo robo\Desktop\Running Man EP 214 720p SUBBED - [KSN].mp4
    2014-09-30 18:43 - 2014-10-01 08:45 - 00000000 ____D () C:\Users\Domo robo\Downloads\GirlsDoPorn.E281.20.Years.Old.XXX.720p.MP4-KTR[rarbg]
    2014-09-30 18:42 - 2014-09-24 19:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-09-30 18:42 - 2014-09-24 18:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2014-09-29 07:59 - 2014-10-02 12:06 - 00000000 ____D () C:\FRST
    2014-09-29 07:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
    2014-09-29 07:52 - 2014-10-01 22:39 - 00000000 ____D () C:\AdwCleaner
    2014-09-28 23:10 - 2014-09-28 23:10 - 00000000 ____D () C:\Users\Domo robo\Downloads\New folder
    2014-09-27 18:24 - 2014-09-27 18:24 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
    2014-09-27 18:24 - 2014-09-27 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
    2014-09-25 23:48 - 2014-09-27 18:36 - 00000000 ____D () C:\Users\Domo robo\Desktop\frl 330
    2014-09-25 01:29 - 2014-09-25 01:29 - 00000000 ____D () C:\Users\Domo robo\Desktop\CPP Fall quarter 2013
    2014-09-25 01:28 - 2014-09-25 01:29 - 00000000 ____D () C:\Users\Domo robo\Desktop\CPP summer quarter 2014
    2014-09-25 01:26 - 2014-09-25 01:26 - 00000000 ____D () C:\Users\Domo robo\Desktop\frl 302
    2014-09-25 01:25 - 2014-09-26 00:47 - 00000000 ____D () C:\Users\Domo robo\Desktop\frl 315
    2014-09-25 01:25 - 2014-09-25 01:26 - 00000000 ____D () C:\Users\Domo robo\Desktop\computer program books
    2014-09-23 21:10 - 2014-09-23 21:10 - 00000000 ____D () C:\Users\Domo robo\AppData\Roaming\Arrowhead
    2014-09-23 20:13 - 2014-09-23 20:31 - 00000000 ____D () C:\Users\Domo robo\Downloads\Gauntlet [Steam-Rip]
    2014-09-23 19:48 - 2014-09-09 15:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-09-23 19:48 - 2014-09-09 14:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-09-23 06:37 - 2014-09-23 07:26 - 1766901909 ____R () C:\Users\Domo robo\Desktop\Running Man EP 213 720p SUBBED - [KSN].mp4
    2014-09-22 03:21 - 2014-09-22 03:22 - 00000000 ____D () C:\Users\Domo robo\Downloads\aaa
    2014-09-21 18:17 - 2014-09-21 23:22 - 00000000 ____D () C:\Users\Domo robo\Downloads\Hitman.Absolution-SKIDROW
    2014-09-20 21:32 - 2014-09-20 21:32 - 00000000 ____D () C:\ProgramData\GRETECH
    2014-09-18 15:42 - 2014-09-26 15:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-09-16 01:40 - 2014-09-16 01:41 - 00000000 ____D () C:\Users\Domo robo\Desktop\MSOffice2010
    2014-09-15 00:59 - 2014-09-15 00:59 - 00000000 ____D () C:\Users\Domo robo\AppData\Local\CAPCOM
    2014-09-12 20:13 - 2014-09-12 20:13 - 00000000 ____D () C:\Users\Public\Foxit Software
    2014-09-12 20:12 - 2014-09-12 20:12 - 00001358 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
    2014-09-12 20:12 - 2014-09-12 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
    2014-09-11 18:28 - 2014-08-19 11:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-09-11 18:28 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-09-11 18:28 - 2014-08-18 16:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-09-11 18:28 - 2014-08-18 15:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-09-11 18:28 - 2014-08-18 15:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-09-11 18:28 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-09-11 18:28 - 2014-08-18 15:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-09-11 18:28 - 2014-08-18 15:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-09-11 18:28 - 2014-08-18 15:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-09-11 18:28 - 2014-08-18 15:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-09-11 18:28 - 2014-08-18 15:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-09-11 18:28 - 2014-08-18 15:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-09-11 18:28 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-09-11 18:28 - 2014-08-18 15:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-09-11 18:28 - 2014-08-18 15:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-09-11 18:28 - 2014-08-18 15:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-09-11 18:28 - 2014-08-18 15:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-09-11 18:28 - 2014-08-18 15:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-09-11 18:28 - 2014-08-18 15:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-09-11 18:28 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-09-11 18:28 - 2014-08-18 14:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-09-11 18:28 - 2014-08-18 14:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-09-11 18:28 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-09-11 18:28 - 2014-08-18 14:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-09-11 18:28 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-09-11 18:28 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-09-11 18:28 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-09-11 18:28 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-09-11 18:28 - 2014-08-18 14:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-09-11 18:28 - 2014-08-18 14:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-09-11 18:28 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-09-11 18:28 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-09-11 18:28 - 2014-08-18 14:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-09-11 18:28 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-09-11 18:28 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-09-11 18:28 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-09-11 18:28 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-09-11 18:28 - 2014-08-18 14:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-09-11 18:28 - 2014-08-18 14:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-09-11 18:28 - 2014-08-18 14:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-09-11 18:28 - 2014-08-18 14:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-09-11 18:28 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-09-11 18:28 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-09-11 18:28 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-09-11 18:28 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-09-11 18:28 - 2014-08-18 14:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-09-11 18:28 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-09-11 18:28 - 2014-08-18 14:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-09-11 18:28 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-09-11 18:28 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-09-11 18:28 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-09-11 18:28 - 2014-08-18 13:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-09-11 18:28 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-09-11 18:28 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-09-11 18:28 - 2014-08-18 13:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-09-11 18:28 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-09-10 22:45 - 2014-09-10 23:04 - 1849836303 ____R () C:\Users\Domo robo\Desktop\Running Man EP 212 720p SUBBED - [KSN].mp4
    2014-09-10 20:44 - 2014-09-10 20:44 - 00000000 ____D () C:\Users\Domo robo\Desktop\CFA_2014
    2014-09-09 01:44 - 2014-09-09 01:44 - 00000000 ____D () C:\Users\Domo robo\Desktop\cfa schweser
    2014-09-04 02:33 - 2014-09-04 02:33 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2014-09-04 02:33 - 2014-09-04 02:33 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    2014-09-04 02:33 - 2014-09-04 02:33 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2014-09-04 02:33 - 2014-09-04 02:33 - 00000020 _____ () C:\Windows\
    2014-09-04 02:33 - 2014-09-04 02:33 - 00000000 ____D () C:\Windows\en
    2014-09-04 02:32 - 2014-09-04 02:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2014-09-04 02:32 - 2014-09-04 02:32 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2014-09-04 02:32 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
    2014-09-04 02:31 - 2014-09-04 02:33 - 00000000 ____D () C:\Program Files (x86)\Windows Live
    2014-09-04 02:31 - 2014-09-04 02:32 - 00000000 ____D () C:\Program Files\Windows Live
    2014-09-04 02:28 - 2014-09-04 02:28 - 00000000 ___RD () C:\Users\Domo robo\OneDrive
    2014-09-04 02:28 - 2014-09-04 02:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
    2014-09-04 02:27 - 2014-09-04 02:36 - 00000000 ____D () C:\Users\Domo robo\AppData\Local\Windows Live
    2014-09-04 02:27 - 2014-09-04 02:27 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-10-02 12:05 - 2012-05-28 16:03 - 00000000 ____D () C:\Users\Domo robo\AppData\Roaming\uTorrent
    2014-10-02 11:45 - 2014-01-25 14:43 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-10-02 11:19 - 2014-08-02 17:24 - 02081823 _____ () C:\Windows\WindowsUpdate.log
    2014-10-02 11:14 - 2012-05-18 20:15 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3398392952-925762368-1090278300-1000UA.job
    2014-10-02 11:14 - 2009-07-13 21:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-10-02 11:14 - 2009-07-13 21:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-10-02 11:10 - 2013-12-29 02:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2014-10-02 11:09 - 2014-01-01 17:31 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-10-02 11:09 - 2013-02-27 23:46 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-10-02 11:09 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-10-01 23:08 - 2014-01-01 17:31 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-10-01 22:14 - 2012-05-18 20:15 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3398392952-925762368-1090278300-1000Core.job
    2014-10-01 10:02 - 2012-05-18 17:04 - 00000000 ____D () C:\Users\Domo robo
    2014-10-01 08:47 - 2013-07-31 03:15 - 00000000 ____D () C:\Users\Domo robo\AppData\Roaming\vlc
    2014-09-29 18:50 - 2014-07-27 16:35 - 00000000 ____D () C:\Users\Domo robo\AppData\Roaming\DVDVideoSoft
    2014-09-29 18:48 - 2014-07-03 04:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-27 18:26 - 2013-08-20 20:44 - 00000000 ____D () C:\Users\Domo robo\AppData\Roaming\Riot Games
    2014-09-27 18:24 - 2014-01-05 22:49 - 00000000 __SHD () C:\AI_RecycleBin
    2014-09-27 06:44 - 2014-07-27 16:35 - 00000000 ____D () C:\Users\Domo robo\Desktop\imgur
    2014-09-27 06:41 - 2014-07-27 16:39 - 00000000 ____D () C:\Users\Domo robo\AppData\Local\gtk-2.0
    2014-09-27 06:41 - 2014-07-27 16:37 - 00000000 ____D () C:\Users\Domo robo\.gimp-2.8
    2014-09-27 06:33 - 2014-02-15 02:35 - 00000000 ____D () C:\Users\Domo robo\Desktop\Top 100 Hits Of The 80S
    2014-09-27 02:38 - 2012-05-18 20:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-09-26 19:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
    2014-09-25 23:54 - 2014-04-21 14:06 - 00000000 ____D () C:\Users\Domo robo\Documents\My Kindle Content
    2014-09-22 18:31 - 2013-04-27 03:39 - 00000000 ____D () C:\Users\Domo robo\AppData\Roaming\DAEMON Tools Pro
    2014-09-22 04:03 - 2013-10-26 23:35 - 00000000 ____D () C:\Users\Domo robo\AppData\Local\SKIDROW
    2014-09-21 01:34 - 2014-01-26 01:27 - 00000000 ____D () C:\Users\Domo robo\AppData\Local\CrashDumps
    2014-09-20 21:32 - 2012-05-19 20:13 - 00001209 _____ () C:\Users\Domo robo\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
    2014-09-17 19:10 - 2013-12-25 19:43 - 00000000 ____D () C:\Users\Domo robo\AppData\Local\Battle.net
    2014-09-16 01:42 - 2009-07-13 22:13 - 00006222 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-15 09:06 - 2012-05-18 17:34 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-09-15 04:08 - 2014-03-21 16:00 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-09-15 00:54 - 2013-07-04 02:44 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-09-13 14:49 - 2014-08-01 02:13 - 00000000 ____D () C:\Program Files (x86)\Battle.net
    2014-09-12 20:12 - 2012-06-07 13:16 - 00000000 ____D () C:\Users\Domo robo\AppData\Roaming\Foxit Software
    2014-09-12 00:22 - 2013-08-20 20:47 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
    2014-09-11 01:50 - 2012-05-28 19:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-09-10 23:16 - 2013-05-15 20:24 - 00000000 ____D () C:\Users\Domo robo\Desktop\running man 134+
    2014-09-09 15:45 - 2014-01-25 14:43 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-09-09 15:45 - 2012-05-18 20:32 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-09-09 15:45 - 2012-05-18 20:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-09-04 02:33 - 2012-05-28 19:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2014-09-04 02:31 - 2009-07-13 20:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2014-09-02 18:31 - 2012-05-19 14:52 - 00000000 ____D () C:\Windows\Minidump
    2014-09-02 18:14 - 2014-06-25 19:10 - 00000000 ____D () C:\Users\Domo robo\Desktop\ACCONTING BOOKS(BBS)

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-09-26 19:30

    ==================== End Of Log ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-10-2014 01
    Ran by Domo robo at 2014-10-02 12:06:59
    Running from C:\Users\Domo robo\Desktop\New folder
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


    4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
    AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
    AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
    AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
    AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
    AMD Fuel (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
    AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden
    AMD Steady Video Plug-In (Version: 2.06.0000 - AMD) Hidden
    Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
    BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
    BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
    ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 3.18 - Piriform)
    CPUID HWMonitor 1.22 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
    CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2420.0 - CyberLink Corp.)
    CyberLink PowerDirector 12 (Version: 12.0.2420.0 - CyberLink Corp.) Hidden
    CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.4203 - CyberLink Corp.)
    CyberLink WaveEditor 2 (x32 Version: 2.0.4203 - CyberLink Corp.) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version: - Microsoft)
    Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
    Divinity Original Sin (HKLM-x32\...\RGl2aW5pdHlPcmlnaW5hbFNpbg==_is1) (Version: 1 - )
    DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
    DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
    Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
    FileAlyzer 2 (HKLM-x32\...\{29D3773E-54F4-23C2-D523-236A4453B845}_is1) (Version: 2.0.5.57 - Safer Networking Limited)
    Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
    Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.2.802 - Foxit Corporation)
    GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
    GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.62.5209 - Gretech Corporation)
    Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
    HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
    HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
    HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
    HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
    J4500 (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
    Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
    League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
    Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
    Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
    MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
    NewBlue Video Essentials II for PowerDirector (HKLM\...\NewBlue Video Essentials II for Cyberlink) (Version: 3.0 - NewBlue)
    NewBlue Video Essentials III for PowerDirector (HKLM\...\NewBlue Video Essentials III for Cyberlink) (Version: 3.0 - NewBlue)
    NVIDIA 3D Vision Controller Driver 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.50 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.50 - NVIDIA Corporation)
    NVIDIA Control Panel 337.50 (Version: 337.50 - NVIDIA Corporation) Hidden
    NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
    NVIDIA Graphics Driver 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.50 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
    NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
    NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
    NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
    NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
    NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
    NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
    NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
    NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    Officejet J4500 Series (HKLM\...\{E11448F2-0B44-4239-B04E-D88FE743E929}) (Version: 13.0 - HP)
    Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    PowerDirector (Version: 12.0 - CyberLink Corp.) Hidden
    ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
    QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
    RegAlyzer (HKLM-x32\...\{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1) (Version: 1.6.2.16 - Safer-Networking Ltd.)
    Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Screencast-O-Matic (HKCU\...\Screencast-O-Matic) (Version: - Screencast-O-Matic)
    SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
    Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
    SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
    Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
    Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
    Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
    Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
    TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
    Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
    WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
    Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3398392952-925762368-1090278300-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Domo robo\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3398392952-925762368-1090278300-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Domo robo\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

    ==================== Restore Points =========================

    24-09-2014 02:47:49 Windows Update
    24-09-2014 04:06:03 Installed DirectX
    24-09-2014 10:00:11 Windows Update
    28-09-2014 01:24:24 Installed League of Legends
    28-09-2014 01:25:00 Installed DirectX
    01-10-2014 01:42:32 Windows Update
    01-10-2014 04:57:05 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {05A66FE2-3A52-4531-8BE9-1F284C25709C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
    Task: {0672F07E-F9BB-4342-B22F-4205EA45153C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
    Task: {0F6FFEC0-6D14-49BD-8600-8B8DB1F3EFD9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-01] (AVAST Software)
    Task: {4C5A8306-8B57-4817-ACD4-0B0DEB5C965B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
    Task: {6F3BC5C3-B334-4FF5-A9EE-F0F60FD16BFE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3398392952-925762368-1090278300-1000Core => C:\Users\Domo robo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-18] (Google Inc.)
    Task: {7B794A18-5C70-425B-B403-7D95CDF6E90A} - System32\Tasks\pc shutdown => C:\Windows\System32\shutdown.exe [2009-07-13] (Microsoft Corporation)
    Task: {B1A54871-206A-436E-B7C4-70B7D4CD680E} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
    Task: {E8EECA45-66FC-4D01-8B7D-B5E0A44D715A} - System32\Tasks\basic pc shut down => C:\Windows\System32\shutdown.exe [2009-07-13] (Microsoft Corporation)
    Task: {F37946AE-CBFA-46E7-AFA6-B99F2D19A47B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3398392952-925762368-1090278300-1000UA => C:\Users\Domo robo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-18] (Google Inc.)
    Task: {F6A302C5-74A5-4EA3-AD76-384BB6BF0662} - System32\Tasks\sd => C:\Windows\System32\shutdown.exe [2009-07-13] (Microsoft Corporation)
    Task: {F9E6FA2B-EC74-45E3-A101-A0D55C42CEBA} - System32\Tasks\shut down => C:\Windows\System32\shutdown.exe [2009-07-13] (Microsoft Corporation)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3398392952-925762368-1090278300-1000Core.job => C:\Users\Domo robo\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3398392952-925762368-1090278300-1000UA.job => C:\Users\Domo robo\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-08-30 19:47 - 2013-08-30 19:47 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
    2012-10-22 14:41 - 2012-10-22 14:41 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
    2012-10-22 14:42 - 2012-10-22 14:42 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
    2013-08-30 19:47 - 2013-08-30 19:47 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
    2014-01-04 19:27 - 2012-06-17 23:18 - 01202688 _____ () C:\Windows\system32\ac3filter64.acm
    2014-03-17 01:33 - 2012-08-08 21:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2013-08-30 19:47 - 2013-08-30 19:47 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
    2014-08-01 13:35 - 2014-08-01 13:35 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
    2014-10-01 10:28 - 2014-10-01 10:28 - 02867712 _____ () C:\Program Files\AVAST Software\Avast\defs\14100101\algo.dll
    2014-10-02 11:12 - 2014-10-02 11:12 - 02858496 _____ () C:\Program Files\AVAST Software\Avast\defs\14100200\algo.dll
    2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () c:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () c:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-02-28 14:22 - 2014-02-28 14:22 - 00107520 ____R () C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
    2014-08-01 13:35 - 2014-08-01 13:35 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2014-09-18 15:42 - 2014-09-26 15:59 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
    MSCONFIG\startupreg: APSDaemon => "c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: CMD => cmd.exe /c start http://adverttraff.org && exit
    MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
    MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
    MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    MSCONFIG\startupreg: Google Update => "C:\Users\Domo robo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    MSCONFIG\startupreg: QuickTime Task => "c:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"


    ========================= Accounts: ==========================

    Administrator (S-1-5-21-3398392952-925762368-1090278300-500 - Administrator - Disabled)
    Domo robo (S-1-5-21-3398392952-925762368-1090278300-1000 - Administrator - Enabled) => C:\Users\Domo robo
    Guest (S-1-5-21-3398392952-925762368-1090278300-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3398392952-925762368-1090278300-1002 - Limited - Enabled)

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================


    Error: (10/01/2014 10:39:26 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

    Error: (10/01/2014 10:34:53 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

    Error: (09/30/2014 09:57:02 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

    Error: (09/30/2014 07:19:36 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description: The index cannot be initialized.


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (09/30/2014 07:19:36 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: The application cannot be initialized.

    Context: Windows Application


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (09/30/2014 07:19:36 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
    Description: The gatherer object cannot be initialized.

    Context: Windows Application, SystemIndex Catalog


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (09/30/2014 07:19:36 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

    Context: Windows Application, SystemIndex Catalog


    Details:
    Element not found. (HRESULT : 0x80070490) (0x80070490)

    Error: (09/30/2014 07:19:34 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.JetPropStore> cannot be initialized.

    Context: Windows Application, SystemIndex Catalog


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (09/30/2014 07:19:34 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
    Description: The Windows Search Service cannot load the property store information.

    Context: Windows Application, SystemIndex Catalog


    Details:
    The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


    System errors:
    =============
    Error: (10/02/2014 11:14:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Windows Update service hung on starting.

    Error: (10/02/2014 11:09:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535

    Error: (10/02/2014 11:09:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (10/02/2014 11:09:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (10/02/2014 11:09:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535

    Error: (10/02/2014 11:09:38 AM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801

    Error: (10/02/2014 11:09:38 AM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801

    Error: (10/02/2014 11:09:27 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
    %%-2140993535

    Error: (10/02/2014 11:09:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error:
    %%-2140993535

    Error: (10/02/2014 11:09:27 AM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801


    Microsoft Office Sessions:
    =========================

    Error: (10/01/2014 10:39:26 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

    Error: (10/01/2014 10:34:53 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

    Error: (09/30/2014 09:57:02 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
    Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

    Error: (09/30/2014 07:19:36 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description:
    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (09/30/2014 07:19:36 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: Context: Windows Application


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (09/30/2014 07:19:36 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
    Description: Context: Windows Application, SystemIndex Catalog


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (09/30/2014 07:19:36 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: Context: Windows Application, SystemIndex Catalog


    Details:
    Element not found. (HRESULT : 0x80070490) (0x80070490)
    Search.TripoliIndexer

    Error: (09/30/2014 07:19:34 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: Context: Windows Application, SystemIndex Catalog


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
    Search.JetPropStore

    Error: (09/30/2014 07:19:34 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
    Description: Context: Windows Application, SystemIndex Catalog


    Details:
    The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


    CodeIntegrity Errors:
    ===================================
    Date: 2013-12-05 00:26:40.550
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-12-05 00:26:40.425
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-12-05 00:26:40.300
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-12-05 00:26:40.191
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-12-05 00:26:40.066
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-12-05 00:26:39.941
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-12-05 00:26:31.283
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-12-05 00:26:31.174
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-12-05 00:26:31.049
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-12-05 00:26:30.925
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mrxsmb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: AMD Phenom(tm) II X4 955 Processor
    Percentage of memory in use: 26%
    Total physical RAM: 8191.18 MB
    Available physical RAM: 6038.5 MB
    Total Pagefile: 16380.53 MB
    Available Pagefile: 13893.94 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:1862.92 GB) (Free:1346.22 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 3DD5DF37)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
    Last edited by tashi; 2014-10-02 at 22:50. Reason: Merged three posts

  2. #2
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,067

    Default

    hi robodomo

    Do this; Click on Start> and in the search field type in: msconfig and click enter.
    Windows System config Editor will open up.
    Under the startup tab look for this line: CMD => cmd.exe /c start http://adverttraff.org && exit
    Uncheck the box next to that line and click ok.
    Reboot machine at the prompt.
    How Can I Reduce My Risk?

  3. #3
    Junior Member
    Join Date
    Oct 2014
    Posts
    3

    Default

    I checked and did this and it does not pop up after restart. Do you know if this method deletes it? or is it just superficial method to make it go away but its still there?

  4. #4
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,067

    Default

    Well, its just a command/script that runs at start up. Unchecking it just means that line wont be executed at start up. The line thats still there is harmless by itself.

    If you download the free Ccleaner under the Tools button>Startup you can click on that line and delete it. Its also good for other things although I prefer the also free PrivaZer which dosnt have a option to delete msconfig lines.

    This is one way to control what runs at start up but obviously some things need to run like your AV or antimalware, firewall etc. Be careful what you disable if you use it.
    If all is good- Some malware prevention tips in link below. Happy Safe Surfing.
    How Can I Reduce My Risk?

  5. #5
    Junior Member
    Join Date
    Oct 2014
    Posts
    3

    Default

    Alright, thank you very much. This solves my problem.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •