[TheWolfKillz]

Hello there, I'm new here and have been having this problem for months now. I'm not sure what kind of information I need to post either. There are random proccess that open on my windows 7 desktop and sometimes they take up over 1milKB of memory. If I end the process it seems like a new ones pop up. I've been searching on the internet of this problem and nothing is showing up. Anti virus' arent helping either. ):
Any help would be appreciated!

 

http://gyazo.com/b40...906a8d255bd75ef

http://gyazo.com/b2e...1142fc08e760bdf

Pictures of task manager

[Advertisements]

Hello and Welcome!

My name is Dan, and I'll be helping you with your issues. If someone else is helping you, either here or at another malware removal assistance site, please let me know so that I may direct my efforts to helping another user.  The Staff at Geeks To Go are ALL volunteers; please keep that in mind if I don’t answer your post as quickly as you’d like. I give what time I can.  PLEASE be patient.

I am currently in training, so there will be another person reviewing my work.  This may cause a bit of a delay in my responses, but on the positive side, you will have two sets of eyes reviewing your logs instead of one...
 

• Please note that you should have Administrator rights to perform any fixes.
   
• Before we proceed, you may wish to print these instructions for easy reference during the fix.  Please be aware that many of the required URLs are hyperlinks in the blue names shown on your screen. Part of the fix may require you to be in Safe Mode, which might not allow you to access the internet, or my instructions.
   
• Please understand that malware removal is a complicated, multi-step process.  Therefore please stay with me until I tell you that your system is clean.  Attempting malware removal or clean-up yourself will only extend the time it will take to get your system clean.  If you get stuck or have questions, please stop and ask so I can help you.
   
• Be sure to back up any personal data files you need to keep (documents, photos, etc.) to a USB flash drive or external hard disk.  While every attempt will be made to precisely repair the infections on your computer, due to the complexity and unpredictability of malware clean-up, there is always a risk of data loss.
   
• When posting logs, please Copy & Paste the log file contents into a reply.  Use multiple posts if necessary, but please do not attach them or post them on a file hosting site.

OK, let's get started...

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 

• Right click on FRST on your Desktop and choose Run as Administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens, if asked, click Yes to disclaimer.
• Make sure the Addition.txt check-box is checked.
• Press Scan button.
• It will produce two logs called FRST.txt and Addition.txt in the same directory the tool is run from.
• Please copy and paste the contents of both of those logs back here.

 

[DanoNH]

Hello and Welcome!

My name is Dan, and I'll be helping you with your issues. If someone else is helping you, either here or at another malware removal assistance site, please let me know so that I may direct my efforts to helping another user.  The Staff at Geeks To Go are ALL volunteers; please keep that in mind if I don’t answer your post as quickly as you’d like. I give what time I can.  PLEASE be patient.

I am currently in training, so there will be another person reviewing my work.  This may cause a bit of a delay in my responses, but on the positive side, you will have two sets of eyes reviewing your logs instead of one...
 

• Please note that you should have Administrator rights to perform any fixes.
   
• Before we proceed, you may wish to print these instructions for easy reference during the fix.  Please be aware that many of the required URLs are hyperlinks in the blue names shown on your screen. Part of the fix may require you to be in Safe Mode, which might not allow you to access the internet, or my instructions.
   
• Please understand that malware removal is a complicated, multi-step process.  Therefore please stay with me until I tell you that your system is clean.  Attempting malware removal or clean-up yourself will only extend the time it will take to get your system clean.  If you get stuck or have questions, please stop and ask so I can help you.
   
• Be sure to back up any personal data files you need to keep (documents, photos, etc.) to a USB flash drive or external hard disk.  While every attempt will be made to precisely repair the infections on your computer, due to the complexity and unpredictability of malware clean-up, there is always a risk of data loss.
   
• When posting logs, please Copy & Paste the log file contents into a reply.  Use multiple posts if necessary, but please do not attach them or post them on a file hosting site.

OK, let's get started...

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 

• Right click on FRST on your Desktop and choose Run as Administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens, if asked, click Yes to disclaimer.
• Make sure the Addition.txt check-box is checked.
• Press Scan button.
• It will produce two logs called FRST.txt and Addition.txt in the same directory the tool is run from.
• Please copy and paste the contents of both of those logs back here.

 

[TheWolfKillz]

I cannot make a backup today, but here are the txt files.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by Monika (administrator) on THEKILLER on 21-02-2015 02:25:53
Running from C:\Users\Monika\Downloads
Loaded Profiles: Monika (Available profiles: Monika)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJHE.EXE
(EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Curse, Inc) C:\Users\Monika\AppData\Roaming\Curse Client\Bin\Curse.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Chicony) C:\Program Files (x86)\Thermaltake Ttesports Ultimate\Ttsystray3.exe
(Chicony) C:\Program Files (x86)\Thermaltake Ttesports Ultimate\tTOSD2k1001.exe
(Thermaltake) C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS THERON\Theron.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dropbox, Inc.) C:\Users\Monika\AppData\Roaming\Dropbox\bin\Dropbox.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.82.106.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.82.106.0\OverwolfHelper64.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.82.106.0\OverwolfBrowser.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\Purplizer.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Spotify Ltd) C:\Users\Monika\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Monika\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Monika\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Monika\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Monika\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Monika\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\SysWOW64\shrpubw.exe
(Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dvdupgrd.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhst3g.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dvdupgrd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-06] (Intel Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe [1023104 2012-12-27] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe [801920 2012-12-27] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ChromeHelper] => C:\Program Files (x86)\Common Files\ChromeHelper\ChromeHelper.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [ChallengerUltimate] => C:\Program Files (x86)\Thermaltake Ttesports Ultimate\Ttsystray3.exe [1254912 2010-08-05] (Chicony)
HKLM-x32\...\Run: [ChallengerUltimateOSD] => C:\Program Files (x86)\Thermaltake Ttesports Ultimate\tTOSD2k1001.exe [634880 2010-08-05] (Chicony)
HKLM-x32\...\Run: [Tt eSPORTS THERON Gaming Mouse] => C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS THERON\THERON.exe [19853312 2012-02-01] (Thermaltake)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\Run: [Spotify Web Helper] => C:\Users\Monika\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-13] (Spotify Ltd)
HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\Run: [Google Update] => C:\Users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-01-28] (Google Inc.)
HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\Run: [Facebook Update] => C:\Users\Monika\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-08] (Facebook Inc.)
HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-01-15] (Overwolf LTD)
HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30878816 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\Run: [Spotify] => C:\Users\Monika\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-13] (Spotify Ltd)
HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3282976517-464489140-710967569-1001\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 243 more characters). <==== Poweliks!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan)
Startup: C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\Monika\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
Startup: C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Monika\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3282976517-464489140-710967569-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3282976517-464489140-710967569-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> DefaultScope {3024780C-8805-4BB6-8A35-5EF877BCE473} URL = http://start.mysearc...r=286216617&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {3024780C-8805-4BB6-8A35-5EF877BCE473} URL = http://start.mysearc...r=286216617&ir=
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3282976517-464489140-710967569-1001 -> DefaultScope {5297C6F9-F26D-4464-928D-B87CC346D320} URL = https://search.yahoo...p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3282976517-464489140-710967569-1001 -> {3024780C-8805-4BB6-8A35-5EF877BCE473} URL = http://start.mysearc...r=286216617&ir=
SearchScopes: HKU\S-1-5-21-3282976517-464489140-710967569-1001 -> {5297C6F9-F26D-4464-928D-B87CC346D320} URL = https://search.yahoo...p={SearchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\wmz80k0m.default-1408211507024
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3282976517-464489140-710967569-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Monika\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3282976517-464489140-710967569-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Monika\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-3282976517-464489140-710967569-1001: @talk.google.com/O1DPlugin -> C:\Users\Monika\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-3282976517-464489140-710967569-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Monika\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3282976517-464489140-710967569-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Monika\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Monika\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Monika\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Adblock Plus - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\wmz80k0m.default-1408211507024\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-16]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-02-05]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-02-05]

Chrome:
=======
CHR Profile: C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-12]
CHR Extension: (Google Docs) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-12]
CHR Extension: (Google Drive) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-12]
CHR Extension: (YouTube) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-12]
CHR Extension: (Google Search) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-12]
CHR Extension: (Google Sheets) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-12]
CHR Extension: (SiteAdvisor) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-02-21]
CHR Extension: (AdBlock) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-12]
CHR Extension: (Skype Click to Call) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-11-11]
CHR Extension: (Google Wallet) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-12]
CHR Extension: (Gmail) - C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-06]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-06] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-16] (Intel Corporation)
S3 iumsvc; c:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-07-16] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154320 2014-12-03] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2014-10-06] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2014-10-01] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-09-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-07-30] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-01-15] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-10-13] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [347464 2015-02-20] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (SoftThinks SAS)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-11-19] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-12-27] (Atheros)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-01-15] (Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-20] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-28] (Riverbed Technology, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 Thermnaltake MS6 Filter; C:\Windows\System32\Drivers\MS6Filter.sys [57200 2011-08-01] (Thermaltake)
R3 Thermnaltake MS6 Filter; C:\Windows\SysWOW64\Drivers\MS6Filter.sys [31488 2011-08-01] (Thermaltake) [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-07-01] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-07-01] (Microsoft Corporation) [File not signed]
R3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-21 02:25 - 2015-02-21 02:26 - 00038319 _____ () C:\Users\Monika\Downloads\FRST.txt
2015-02-21 02:25 - 2015-02-21 02:25 - 02086912 _____ (Farbar) C:\Users\Monika\Downloads\FRST64.exe
2015-02-21 02:25 - 2015-02-21 02:25 - 00000000 ____D () C:\FRST
2015-02-21 02:24 - 2015-02-21 02:24 - 01126400 _____ (Farbar) C:\Users\Monika\Downloads\FRST.exe
2015-02-21 00:27 - 2015-02-21 00:28 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Monika\Downloads\tdsskiller.exe
2015-02-21 00:22 - 2015-02-21 00:22 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Monika\Downloads\rkill.exe
2015-02-20 14:22 - 2015-02-20 14:22 - 00000000 ____D () C:\Users\Monika\AppData\Local\Steam
2015-02-20 14:13 - 2015-02-20 14:13 - 00000000 ___RD () C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-02-20 01:01 - 2015-02-20 01:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-20 01:01 - 2015-02-20 01:01 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-15 19:04 - 2015-02-15 19:04 - 00814684 _____ () C:\Users\Monika\Downloads\Custom_Desktop_Logo_V2.1.zip
2015-02-15 19:04 - 2015-02-15 19:04 - 00000000 ____D () C:\Users\Monika\Desktop\Custom_Desktop_Logo_V2.1
2015-02-11 12:12 - 2015-01-22 23:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-11 12:12 - 2015-01-22 23:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 12:12 - 2015-01-22 22:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-11 12:12 - 2015-01-22 22:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-10 18:08 - 2015-01-14 00:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 18:08 - 2015-01-14 00:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 18:08 - 2015-01-11 22:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 18:08 - 2015-01-11 22:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-10 18:08 - 2015-01-11 22:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-10 18:08 - 2015-01-11 21:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-10 18:08 - 2015-01-11 21:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 18:08 - 2015-01-11 21:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 18:08 - 2015-01-11 21:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-10 18:08 - 2015-01-11 21:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 18:08 - 2015-01-11 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-10 18:08 - 2015-01-11 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-10 18:08 - 2015-01-11 21:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-10 18:08 - 2015-01-11 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-10 18:08 - 2015-01-11 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-10 18:08 - 2015-01-11 21:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 18:08 - 2015-01-11 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-10 18:08 - 2015-01-11 21:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-10 18:08 - 2015-01-11 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 18:08 - 2015-01-11 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 18:08 - 2015-01-11 21:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 18:08 - 2015-01-11 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-10 18:08 - 2015-01-11 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 18:08 - 2015-01-11 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-10 18:08 - 2015-01-11 21:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-10 18:08 - 2015-01-11 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 18:08 - 2015-01-11 21:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-10 18:08 - 2015-01-11 21:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 18:08 - 2015-01-11 21:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-10 18:08 - 2015-01-11 20:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-10 18:08 - 2015-01-11 20:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-10 18:08 - 2015-01-11 20:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-10 18:08 - 2015-01-11 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 18:08 - 2015-01-11 20:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 18:08 - 2015-01-11 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 18:08 - 2015-01-11 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-10 18:08 - 2015-01-11 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 18:08 - 2015-01-11 20:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 18:08 - 2015-01-11 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 18:08 - 2015-01-11 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-10 18:08 - 2015-01-11 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-10 18:08 - 2015-01-11 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-10 18:08 - 2015-01-11 20:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 18:08 - 2015-01-11 20:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 18:08 - 2015-01-11 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 18:08 - 2015-01-11 20:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-10 18:08 - 2015-01-11 20:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 18:08 - 2015-01-11 20:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 18:08 - 2015-01-11 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 18:08 - 2015-01-11 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 18:08 - 2015-01-11 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 18:08 - 2015-01-11 19:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 18:08 - 2015-01-10 01:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-10 18:08 - 2015-01-10 01:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 18:08 - 2015-01-10 01:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-10 18:08 - 2015-01-10 01:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-10 18:08 - 2015-01-10 01:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-10 18:08 - 2015-01-10 01:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-10 18:08 - 2015-01-10 01:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-10 18:08 - 2015-01-10 01:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-10 18:08 - 2015-01-10 01:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-10 18:08 - 2015-01-10 01:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 18:08 - 2015-01-10 01:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-10 18:08 - 2015-01-10 01:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-10 18:08 - 2015-01-10 01:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-10 18:08 - 2015-01-10 01:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-10 18:07 - 2015-01-15 03:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 18:07 - 2015-01-15 03:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-10 18:07 - 2015-01-15 03:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 18:07 - 2015-01-15 03:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-10 18:07 - 2015-01-15 03:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-10 18:07 - 2015-01-15 03:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-10 18:07 - 2015-01-15 03:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-10 18:07 - 2015-01-15 03:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-10 18:07 - 2015-01-15 03:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 18:07 - 2015-01-15 03:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-10 18:07 - 2015-01-15 03:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 18:07 - 2015-01-15 02:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-10 18:07 - 2015-01-15 02:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-10 18:07 - 2015-01-15 02:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-10 18:07 - 2015-01-15 02:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-10 18:07 - 2015-01-15 02:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-10 18:07 - 2015-01-15 02:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-10 18:07 - 2015-01-14 23:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 18:07 - 2015-01-14 01:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 18:07 - 2015-01-14 01:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-10 18:07 - 2015-01-14 01:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-10 18:07 - 2015-01-14 01:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-10 18:07 - 2015-01-14 00:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-10 18:07 - 2015-01-14 00:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-10 18:07 - 2015-01-14 00:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-10 18:07 - 2015-01-12 22:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 18:07 - 2015-01-12 21:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 18:07 - 2014-12-12 00:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-10 18:07 - 2014-12-12 00:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-10 18:07 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 18:07 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 18:07 - 2014-11-25 22:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 18:07 - 2014-11-25 22:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 18:07 - 2014-10-03 21:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-10 18:07 - 2014-10-03 20:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-10 18:07 - 2014-10-03 20:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-10 18:06 - 2015-01-08 21:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 15:41 - 2015-02-10 15:41 - 00000000 ____D () C:\mcbrwctl.dll
2015-02-10 15:11 - 2015-02-21 00:02 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-02-10 15:11 - 2015-02-10 15:11 - 00004034 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-02-10 15:11 - 2015-02-10 15:11 - 00003222 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-02-10 15:11 - 2015-02-10 15:11 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-02-10 15:11 - 2015-02-10 15:11 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-02-10 15:10 - 2015-02-10 15:10 - 00000000 ____D () C:\Program Files\Dell
2015-02-05 11:42 - 2015-02-05 11:42 - 00000000 ____D () C:\ProgramDataSiteAdvisorSiteAdvisor
2015-02-05 11:42 - 2015-02-05 11:42 - 00000000 ____D () C:\ProgramDataSiteAdvisor
2015-02-05 05:56 - 2015-02-05 05:56 - 00000000 ____D () C:\Windows\SysWOW64\SiteAdvisor
2015-02-05 01:37 - 2015-02-05 01:37 - 00001878 _____ () C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
2015-02-05 01:37 - 2015-02-05 01:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-02-05 01:34 - 2015-02-05 01:34 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2015-02-05 01:34 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-02-05 01:31 - 2015-02-07 02:26 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-02-05 01:31 - 2015-02-05 01:37 - 00000000 ____D () C:\Program Files\McAfee
2015-02-05 01:31 - 2015-02-05 01:35 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-02-05 01:31 - 2015-02-05 01:31 - 00000000 ____D () C:\Program Files\McAfee.com
2015-02-05 01:31 - 2014-10-01 12:18 - 00189920 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2015-02-05 01:24 - 2015-02-05 01:26 - 256204144 _____ (McAfee, Inc.) C:\Users\Monika\Downloads\OneClickTrial.exe
2015-02-01 12:52 - 2015-02-01 12:52 - 01085336 _____ (EnTech Taiwan ) C:\Users\Monika\Downloads\ddmsetup1500.exe
2015-02-01 12:34 - 2015-02-01 12:35 - 00869744 _____ () C:\Windows\Minidump\020115-25022-01.dmp
2015-02-01 12:34 - 2015-02-01 12:34 - 856942187 _____ () C:\Windows\MEMORY.DMP
2015-01-26 12:53 - 2015-01-26 12:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-25 21:54 - 2015-02-20 15:14 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-25 21:54 - 2015-01-25 21:54 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-25 21:54 - 2015-01-25 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-25 21:54 - 2015-01-25 21:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-25 21:54 - 2015-01-25 21:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-25 21:54 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-25 21:54 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-25 21:54 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-25 21:53 - 2015-01-25 21:53 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Monika\Downloads\mbam-setup-2.0.4.1028.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-21 02:22 - 2014-01-12 16:08 - 00000000 ____D () C:\Users\Monika\AppData\Local\CrashDumps
2015-02-21 02:21 - 2014-01-28 18:25 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001UA.job
2015-02-21 02:15 - 2013-11-19 10:20 - 01533112 _____ () C:\Windows\WindowsUpdate.log
2015-02-21 02:09 - 2013-11-19 08:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-21 02:00 - 2013-12-26 22:51 - 00000000 ____D () C:\Users\Monika\AppData\Local\Adobe
2015-02-21 01:44 - 2014-10-12 00:27 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-21 01:15 - 2014-08-01 17:24 - 00000000 ____D () C:\Users\Monika\AppData\Local\Purplizer
2015-02-21 01:15 - 2013-12-26 21:26 - 00000000 ____D () C:\Users\Monika\AppData\Roaming\Spotify
2015-02-21 01:14 - 2014-12-17 17:28 - 00000000 ____D () C:\Users\Monika\Documents\ArcheAge
2015-02-21 00:17 - 2014-12-17 12:52 - 00000000 ____D () C:\Program Files (x86)\Glyph
2015-02-21 00:16 - 2014-12-06 15:01 - 00007916 _____ () C:\Windows\setupact.log
2015-02-21 00:03 - 2014-06-01 21:50 - 00082411 _____ () C:\Windows\system32\lvcoinst.log
2015-02-20 23:45 - 2014-07-08 13:40 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001UA.job
2015-02-20 23:08 - 2013-12-27 01:05 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-20 23:08 - 2013-12-27 00:49 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-20 23:08 - 2013-12-26 23:35 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-20 18:21 - 2014-01-28 18:25 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001Core.job
2015-02-20 14:48 - 2013-12-26 21:49 - 00000000 ____D () C:\Users\Monika\AppData\Roaming\Skype
2015-02-20 14:45 - 2014-07-08 13:40 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001Core.job
2015-02-20 14:29 - 2013-12-27 00:49 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-02-20 14:23 - 2009-07-13 23:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-20 14:23 - 2009-07-13 23:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-20 14:22 - 2013-11-19 08:42 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-02-20 14:19 - 2009-07-14 00:13 - 00783606 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-20 14:17 - 2014-02-26 14:03 - 00000000 ___RD () C:\Users\Monika\Dropbox
2015-02-20 14:16 - 2014-08-01 02:34 - 00000000 ____D () C:\Users\Monika\AppData\Local\Overwolf
2015-02-20 14:16 - 2014-02-26 14:00 - 00000000 ____D () C:\Users\Monika\AppData\Roaming\Dropbox
2015-02-20 14:14 - 2014-06-20 16:11 - 00000000 ____D () C:\Users\Monika\AppData\Local\LogMeIn Hamachi
2015-02-20 14:14 - 2013-12-26 21:27 - 00000000 ____D () C:\Users\Monika\AppData\Local\Spotify
2015-02-20 14:13 - 2014-10-12 00:27 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-20 14:13 - 2013-11-19 10:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-20 14:13 - 2010-11-20 22:47 - 01534868 _____ () C:\Windows\PFRO.log
2015-02-20 14:13 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-19 20:46 - 2014-10-12 00:28 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-17 03:26 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-02-16 16:20 - 2014-06-24 08:29 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-02-13 12:04 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 18:46 - 2014-02-26 14:03 - 00001025 _____ () C:\Users\Monika\Desktop\Dropbox.lnk
2015-02-12 18:46 - 2014-02-26 14:01 - 00000000 ____D () C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-11 11:57 - 2014-08-06 15:59 - 00000000 ____D () C:\Users\Monika\AppData\Roaming\Curse Client
2015-02-11 03:37 - 2009-07-13 23:45 - 04898048 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 03:13 - 2014-06-01 21:46 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 03:03 - 2014-06-01 21:45 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 15:11 - 2013-11-19 08:38 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-02-10 15:10 - 2013-11-19 08:42 - 00000000 ____D () C:\ProgramData\PCDr
2015-02-08 23:13 - 2015-01-18 15:11 - 00000000 ____D () C:\Users\Monika\AppData\Local\FluxSoftware
2015-02-06 14:19 - 2013-11-19 08:27 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-06 14:19 - 2013-11-19 08:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-06 14:19 - 2013-11-19 08:27 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-06 08:39 - 2014-10-12 00:27 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-06 08:39 - 2014-10-12 00:27 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-06 03:23 - 2013-12-26 21:01 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-05 09:09 - 2014-07-20 16:34 - 00000000 _RSHD () C:\Users\Monika\t19zkij
2015-02-05 01:37 - 2009-07-13 21:34 - 00000435 _____ () C:\Windows\win.ini
2015-02-04 18:16 - 2014-01-28 18:25 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001UA
2015-02-04 18:16 - 2014-01-28 18:25 - 00003492 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001Core
2015-02-04 18:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-01 12:52 - 2014-12-31 00:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Display Manager
2015-02-01 12:34 - 2014-07-21 15:18 - 00000000 ____D () C:\Windows\Minidump
2015-02-01 12:34 - 2013-12-26 20:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-29 22:04 - 2013-12-26 20:59 - 00000000 ____D () C:\Users\Monika\AppData\Roaming\Mozilla
2015-01-25 16:38 - 2014-08-01 02:34 - 00000000 ____D () C:\Program Files (x86)\Overwolf

==================== Files in the root of some directories =======

2014-02-22 23:18 - 2014-09-27 00:43 - 0000132 _____ () C:\Users\Monika\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-07-21 10:24 - 2014-07-21 10:24 - 0071701 _____ () C:\Users\Monika\AppData\Roaming\sample.wav
2014-07-09 18:22 - 2014-07-09 18:24 - 0001456 _____ () C:\Users\Monika\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-12-26 21:59 - 2013-12-26 21:59 - 0007602 _____ () C:\Users\Monika\AppData\Local\Resmon.ResmonCfg

Files to move or delete:
====================
C:\Users\Monika\gosetup.exe


Some content of TEMP:
====================
C:\Users\Monika\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp8rauu.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-13 11:56

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by Monika at 2015-02-21 02:27:10
Running from C:\Users\Monika\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Actual Transparent Window 8.1.1 (HKLM-x32\...\Actual Transparent Windows_is1) (Version: 8.1.1 - Actual Tools)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.11 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archeage (HKLM-x32\...\Glyph Archeage) (Version:  - Trion Worlds, Inc.)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.170 - Atheros)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version:  - EnTech Taiwan)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Download Navigator (HKLM-x32\...\{3A3A3B34-6EA2-4031-8580-D66D29533E89}) (Version: 3.4.0 - SEIKO EPSON CORPORATION)
Dropbox (HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Firefall (HKLM-x32\...\Steam App 227700) (Version:  - Red 5 Studios)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.13.1402 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.2.1001 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1367 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.156 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA 3D Vision Controller Driver 332.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.17 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 332.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.17 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.17 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.29.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.29.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{a073e04d-3163-4429-b98d-7ff957a8dd68}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.82.106.0 - Overwolf Ltd.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PixelJunk Eden (HKLM-x32\...\Steam App 105800) (Version:  - Q-Games, Ltd.)
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)
Shelter (HKLM-x32\...\Steam App 244710) (Version:  - Might and Delight)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3282976517-464489140-710967569-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Plan (HKLM-x32\...\Steam App 250600) (Version:  - Krillbite Studio)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Toontown Rewritten (HKLM-x32\...\Toontown Rewritten) (Version: 00.00.00.00 - The TTR Team)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)
Tt eSPORTS Challenger Ultimate (HKLM-x32\...\{D65D9706-6D6D-42E8-A11A-63E3AFECBBC1}) (Version: 2.0.2.0 - Tt eSPORTS)
Tt eSPORTS THERON (HKLM-x32\...\{B50AB875-64A2-4D12-BB48-B15611B48CE0}) (Version: 1.0.0 - Tt eSPORTS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warframe (HKLM-x32\...\{021D0843-82DE-4E2C-8F71-8561DC352139}) (Version: 1.0.0 - Digital Extremes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XSplit Broadcaster (HKLM-x32\...\{6459F338-FE52-4034-BCA7-74772DA0F24D}) (Version: 1.3.1403.1202 - SplitMediaLabs)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Monika\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Monika\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Monika\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Monika\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 251 more characters). <==== Poweliks?
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Monika\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Monika\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Monika\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\neth.dll No File
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Monika\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3282976517-464489140-710967569-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Monika\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

15-02-2015 04:29:23 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03AE3419-8931-48EA-9D62-3DA9136CEC81} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {0A68CDFB-D0A4-43A4-8F13-9FF04677FBC2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001UA => C:\Users\Monika\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-08] (Facebook Inc.)
Task: {28AA83CF-78AB-4E52-8CA1-97619B9F358A} - System32\Tasks\{4A994AD5-CF00-434E-B3B6-E6B1B3DC6D46} => C:\Program Files (x86)\Transparent Windows\Transparent.exe
Task: {34E9A0E5-048D-4C2B-9241-C91FD2A7C9CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001Core => C:\Users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-28] (Google Inc.)
Task: {3538996A-839B-49DE-BC2E-3827C57C10F1} - System32\Tasks\{5471CE9C-51DF-4FD6-A7B0-7729E2CB766C} => C:\Program Files (x86)\Transparent Windows\Transparent.exe
Task: {36BE74C4-E6B8-4E76-8C44-EED8FF6E78F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-12] (Google Inc.)
Task: {380F292B-C0C9-4B04-8223-4158CB1630EE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {4020726B-CEAC-4D04-B15E-A071C170221F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => c:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {5BC244AA-7226-4041-BD7E-63E8F378A16C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.)
Task: {6452AC89-BCB7-441A-A1AE-AA7E15D71AC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-12] (Google Inc.)
Task: {70C1DF5D-0D6B-4E3B-B4C4-3F48C8E44577} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {80D5356B-C7C8-44F4-A710-4C5EFE999BDB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8E0BC9A1-65AB-49D8-9C06-1EA2E5F60DEB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001Core => C:\Users\Monika\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-08] (Facebook Inc.)
Task: {8F7E6503-0776-4D5E-9781-F9134E1761AA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {94D07956-1C01-4020-838E-698B486EA1D5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001UA => C:\Users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-28] (Google Inc.)
Task: {A6EE61A5-4440-4C7D-94A7-AB2815BD0648} - System32\Tasks\{5A2EFF12-549B-4D87-A10B-088B03860D2E} => pcalua.exe -a C:\Users\Monika\Downloads\forge-1.7.10-10.13.0.1180-installer-win.exe -d C:\Users\Monika\Downloads
Task: {A825C53B-790A-437E-AC40-E0EBAF4E7AB5} - System32\Tasks\AdobeAAMUpdater-1.0-TheKiller-Monika => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {AC8B8BF3-3A4C-4525-90A7-994BB0351D95} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {BB39EBA1-FD4D-4F21-AED8-BABD7CEDF924} - System32\Tasks\{AD5B4007-DF2C-4592-82B2-54EBFC3ACDE3} => pcalua.exe -a C:\Users\Monika\Downloads\forge-1.7.2-10.12.2.1121-installer-win.exe -d C:\Users\Monika\Downloads
Task: {C6F0E3F7-F676-4BA3-B3CE-B59F7FCC5A50} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-01-15] (Overwolf LTD)
Task: {CB7429A3-2E16-4025-81CC-A77A3020870E} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001Core.job => C:\Users\Monika\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001UA.job => C:\Users\Monika\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001Core.job => C:\Users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3282976517-464489140-710967569-1001UA.job => C:\Users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-11-19 10:20 - 2013-12-17 16:37 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-27 00:49 - 2014-10-13 20:14 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-19 08:43 - 2013-04-19 16:51 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2013-11-19 08:43 - 2013-04-19 16:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2013-11-19 08:43 - 2013-04-19 16:51 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2013-11-19 08:43 - 2013-04-19 16:51 - 00034080 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2013-11-19 08:43 - 2013-04-19 16:51 - 00023328 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2013-12-27 00:49 - 2015-02-20 23:08 - 00347464 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2013-12-26 21:27 - 2014-12-13 01:01 - 00374840 _____ () C:\Users\Monika\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00025600 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\CoreAudioApi.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 38713856 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\libcef.DLL
2014-05-19 16:04 - 2014-05-19 16:04 - 00307712 _____ () C:\Users\Monika\AppData\Roaming\Curse Client\Bin\opus.dll
2014-05-19 16:05 - 2014-05-19 16:05 - 00437248 _____ () C:\Users\Monika\AppData\Roaming\Curse Client\Bin\WebRTC_CSharpWrapper.dll
2014-07-26 14:42 - 2010-08-05 13:39 - 00045056 _____ () C:\Program Files (x86)\Thermaltake Ttesports Ultimate\WMINPUT.DLL
2014-07-26 14:45 - 2012-01-19 09:31 - 00860160 _____ () C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS THERON\Ms6Osd.dll
2015-02-10 16:00 - 2015-02-10 16:00 - 00750080 _____ () C:\Users\Monika\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-20 14:14 - 2015-02-20 14:14 - 00043008 _____ () c:\users\monika\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp8rauu.dll
2015-02-10 16:00 - 2015-02-10 16:00 - 00047616 _____ () C:\Users\Monika\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 16:00 - 2015-02-10 16:00 - 00865280 _____ () C:\Users\Monika\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 16:00 - 2015-02-10 16:00 - 00200704 _____ () C:\Users\Monika\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00514528 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\libglesv2.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00105952 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\libegl.dll
2013-11-19 08:31 - 2013-07-16 20:39 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 01274655 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\libxml2-2.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00100352 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\zlib1.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00028160 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\libssp-0.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00373657 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\plugins\libmsn.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00021337 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\plugins\libxmpp.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00415553 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\libjabber.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00190464 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\libsasl.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00022832 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\plugins\libyahoo.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00228908 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\libymsg.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00027811 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\plugins\ssl-nss.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00012004 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\plugins\ssl.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00140288 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\sasl2\saslDIGESTMD5.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00102912 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\sasl2\saslPLAIN.dll
2015-01-15 04:04 - 2015-01-15 04:04 - 00425984 _____ () C:\Program Files (x86)\Overwolf\0.82.106.0\Purplizer\sqlite3.dll
2013-12-26 23:36 - 2014-11-11 13:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-30 15:00 - 2014-12-01 19:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-30 15:00 - 2014-12-01 19:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-30 15:00 - 2014-12-01 19:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-21 16:06 - 2015-02-18 18:51 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-15 21:10 - 2014-12-01 16:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-15 21:10 - 2014-12-01 16:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-15 21:10 - 2014-12-01 16:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-15 21:10 - 2014-12-01 16:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-15 21:10 - 2014-12-01 16:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-12-26 23:36 - 2015-02-18 18:51 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-12-26 23:36 - 2015-01-27 20:30 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-11-19 08:43 - 2013-05-02 17:01 - 01813792 _____ () C:\Program Files (x86)\Dell Backup and Recovery\OLCoreWrapper.dll
2015-01-26 12:53 - 2015-01-26 12:53 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-26 21:27 - 2014-12-13 01:01 - 36966968 _____ () C:\Users\Monika\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-18 12:17 - 2014-12-13 01:01 - 00867896 _____ () C:\Users\Monika\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2013-12-26 21:27 - 2014-12-13 01:01 - 00886840 _____ () C:\Users\Monika\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-12-26 21:27 - 2014-12-13 01:01 - 00108600 _____ () C:\Users\Monika\AppData\Roaming\Spotify\Data\libegl.dll
2015-02-06 02:09 - 2015-02-06 14:19 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft:axxJcGPNpO9GcWXB06pzh46M
AlternateDataStreams: C:\ProgramData\Microsoft:dKytVRlomlUudnGuHgtDzNO
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\Monika\Cookies:RF0LeKXUVBXR30UyYx2MzWt
AlternateDataStreams: C:\Users\Monika\Local Settings:lKCBBrFWPsF0hJDNmoeaZlZ
AlternateDataStreams: C:\Users\Monika\AppData\Local:lKCBBrFWPsF0hJDNmoeaZlZ
AlternateDataStreams: C:\Users\Monika\AppData\Local\Application Data:lKCBBrFWPsF0hJDNmoeaZlZ

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3282976517-464489140-710967569-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.76.76 - 75.75.75.75

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3282976517-464489140-710967569-500 - Administrator - Disabled)
Guest (S-1-5-21-3282976517-464489140-710967569-501 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3282976517-464489140-710967569-1002 - Administrator - Enabled)
Monika (S-1-5-21-3282976517-464489140-710967569-1001 - Administrator - Enabled) => C:\Users\Monika

==================== Faulty Device Manager Devices =============

Name: D6616
Description: D6616
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dell Wireless 1703 802.11b/g/n (2.4GHz)
Description: Dell Wireless 1703 802.11b/g/n (2.4GHz)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/21/2015 02:21:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17631, time stamp: 0x4a5bc3e7
Faulting module name: MSHTML.dll, version: 11.0.9600.17631, time stamp: 0x54b33039
Exception code: 0xc00000fd
Fault offset: 0x0012097f
Faulting process id: 0x509c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (02/21/2015 02:16:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17631, time stamp: 0x4a5bcd6e
Faulting module name: MSHTML.dll, version: 11.0.9600.17631, time stamp: 0x54b33039
Exception code: 0xc00000fd
Fault offset: 0x0011f71c
Faulting process id: 0x3820
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (02/21/2015 02:09:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SpotifyWebHelper.exe, version: 0.9.15.27, time stamp: 0x54803b75
Faulting module name: SpotifyWebHelper.exe, version: 0.9.15.27, time stamp: 0x54803b75
Exception code: 0xc0000005
Fault offset: 0x00012397
Faulting process id: 0x1384
Faulting application start time: 0xSpotifyWebHelper.exe0
Faulting application path: SpotifyWebHelper.exe1
Faulting module path: SpotifyWebHelper.exe2
Report Id: SpotifyWebHelper.exe3

Error: (02/21/2015 01:48:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17631, time stamp: 0x4a5bc959
Faulting module name: MSHTML.dll, version: 11.0.9600.17631, time stamp: 0x54b33039
Exception code: 0xc00000fd
Fault offset: 0x0012097f
Faulting process id: 0x29f0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (02/21/2015 00:07:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17631, time stamp: 0x4a5bc6b8
Faulting module name: MSHTML.dll, version: 11.0.9600.17631, time stamp: 0x54b33039
Exception code: 0xc00000fd
Fault offset: 0x0012097f
Faulting process id: 0x3c5c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (02/20/2015 11:51:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17631, time stamp: 0x4a5bc6b8
Faulting module name: MSHTML.dll, version: 11.0.9600.17631, time stamp: 0x54b33039
Exception code: 0xc00000fd
Fault offset: 0x0012097f
Faulting process id: 0x46c0
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (02/20/2015 11:48:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17631, time stamp: 0x4a5bc959
Faulting module name: MSHTML.dll, version: 11.0.9600.17631, time stamp: 0x54b33039
Exception code: 0xc00000fd
Fault offset: 0x0011fe7c
Faulting process id: 0x3bd8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (02/20/2015 11:16:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17631, time stamp: 0x4a5bc6b8
Faulting module name: MSHTML.dll, version: 11.0.9600.17631, time stamp: 0x54b33039
Exception code: 0xc00000fd
Fault offset: 0x0012097f
Faulting process id: 0x3bac
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (02/20/2015 08:35:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17631, time stamp: 0x4a5bc292
Faulting module name: MSHTML.dll, version: 11.0.9600.17631, time stamp: 0x54b33039
Exception code: 0xc00000fd
Fault offset: 0x0012097f
Faulting process id: 0x2d40
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (02/20/2015 08:13:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17631, time stamp: 0x4a5bcbb9
Faulting module name: MSHTML.dll, version: 11.0.9600.17631, time stamp: 0x54b33039
Exception code: 0xc00000fd
Fault offset: 0x0011f71c
Faulting process id: 0x2868
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3


System errors:
=============
Error: (02/21/2015 00:15:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/21/2015 00:15:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Portable Device Enumerator Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/21/2015 00:15:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WLAN AutoConfig service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/21/2015 00:15:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/21/2015 00:15:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Distributed Link Tracking Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/21/2015 00:15:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/21/2015 00:15:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/21/2015 00:15:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Network Connections service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.

Error: (02/21/2015 00:15:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HomeGroup Listener service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (02/21/2015 00:15:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Human Interface Device Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (02/21/2015 02:21:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.176314a5bc3e7MSHTML.dll11.0.9600.1763154b33039c00000fd0012097f509c01d04da6dfbe6cc8C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll505bc873-b99a-11e4-b4c6-f8b156a95f8b

Error: (02/21/2015 02:16:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.176314a5bcd6eMSHTML.dll11.0.9600.1763154b33039c00000fd0011f71c382001d04da57d441d7aC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll9e7cf3b6-b999-11e4-b4c6-f8b156a95f8b

Error: (02/21/2015 02:09:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpotifyWebHelper.exe0.9.15.2754803b75SpotifyWebHelper.exe0.9.15.2754803b75c000000500012397138401d04d415b8d8da2C:\Users\Monika\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Users\Monika\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe87f680dd-b998-11e4-b4c6-f8b156a95f8b

Error: (02/21/2015 01:48:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.176314a5bc959MSHTML.dll11.0.9600.1763154b33039c00000fd0012097f29f001d04da1d7aefc5fC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dllb57e5daa-b995-11e4-b4c6-f8b156a95f8b

Error: (02/21/2015 00:07:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.176314a5bc6b8MSHTML.dll11.0.9600.1763154b33039c00000fd0012097f3c5c01d04d93ff85d357C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll88f3eef8-b987-11e4-b4c6-f8b156a95f8b

Error: (02/20/2015 11:51:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.176314a5bc6b8MSHTML.dll11.0.9600.1763154b33039c00000fd0012097f46c001d04d91ea623066C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll3e273e82-b985-11e4-b4c6-f8b156a95f8b

Error: (02/20/2015 11:48:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.176314a5bc959MSHTML.dll11.0.9600.1763154b33039c00000fd0011fe7c3bd801d04d9171b61260C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dllf07f6a1b-b984-11e4-b4c6-f8b156a95f8b

Error: (02/20/2015 11:16:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.176314a5bc6b8MSHTML.dll11.0.9600.1763154b33039c00000fd0012097f3bac01d04d8ce2507604C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll5bf97908-b980-11e4-b4c6-f8b156a95f8b

Error: (02/20/2015 08:35:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.176314a5bc292MSHTML.dll11.0.9600.1763154b33039c00000fd0012097f2d4001d04d7667b0ae90C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dllf229ae69-b969-11e4-b4c6-f8b156a95f8b

Error: (02/20/2015 08:13:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.176314a5bcbb9MSHTML.dll11.0.9600.1763154b33039c00000fd0011f71c286801d04d7371cbe144C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dllcda98099-b966-11e4-b4c6-f8b156a95f8b


CodeIntegrity Errors:
===================================
  Date: 2014-12-22 15:38:52.411
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-22 15:17:51.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-22 15:08:37.030
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-22 01:09:51.109
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-22 01:01:30.441
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-21 21:05:19.114
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-21 19:59:17.375
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-21 19:54:17.762
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-21 19:24:02.056
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-12-21 17:31:11.516
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxVoiceAPO2064.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 56%
Total physical RAM: 8143.23 MB
Available physical RAM: 3572.34 MB
Total Pagefile: 16284.64 MB
Available Pagefile: 8675.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:910.29 GB) (Free:683.16 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:21.18 GB) (Free:11.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 72DD4BD8)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=21.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=910.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================

[DanoNH]

Hello TheWolfKillz, 

 

Before we get started here, I have a few comments and questions:

 

Please read and follow ALL instructions very carefully.  If I ask you to download something to your DESKTOP, it is for a reason.  Some of the tools we use expect certain files to be in certain locations. 

1. Have you attempted cleanup yourself already?  I see TDSS Killer, rkill and some other tools either installed or running.
2. Are you being helped in another thread anywhere else?
3. Are you having difficulty accessing the Internet at all?
4. Are you able to download files with Internet Explorer?

I am working on your logs and hope to have my next steps approved soon.

 

Please, by all means, until I declare your system is clean, do NOT make system or program changes, or run ANY tools unless I specifically ask you to.

 

I'll be back soon... in the meantime, please answer my questions.  Thanks

[TheWolfKillz]

Hey there,
1. Yes I have, many times, and antiviruses did say they removed things. But this problem still happens.
2. No.

3. No.

4. I use Firefox, but if we really need to, I guess I can use IE.

 

Thank you for your time and help so far!

[DanoNH]

I'm still awaiting approval on my action steps for you.  There's no need to use IE, I was just wondering due to the items in your logs.

 

Not sure where you are, but I'm in GMT -5 time zone, and I wanted to let you know I'll on an airplane and traveling for work most of Monday.  But I'll check in periodically to get you going as soon as I have approval. 

[DanoNH]

Hello TheWolfKillz,
 
First
Run a FRST Fix

Download attached fixlist.txt file and save it to the DESKTOP.
 fixlist.txt   3.47KB   132 downloads

Delete the copy of FRST in your Downloads folder, and then download Farbar Recovery Scan Tool and save it to your DESKTOP.

(NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.)

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 from your DESKTOP and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop named Fixlog.txt. Please post the contents of that log file into your next reply.

 
Second
Run Junkware Removal Tool:

Please download Junkware Removal Tool to your DESKTOP.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Third
AdwCleaner by Xplode

Download AdwCleaner from here or from here. Save the file to the DESKTOP.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

• XP users: Double click the AdwCleaner icon to start the program.[
• Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
  You will see the following console:
  
• Click the Scan button and wait for the scan to finish.
• After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove. Please Do Not delete anything at this time.
• Click the Report button to get the log.
• Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
• Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.

Optional:

NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it

Finally
Please copy/paste the following logs in your next reply:

• fixlog.txt
• JRT log
• ADWCleaner log
• and tell me how the computer is running.

[DanoNH]

Hello, TheWolfKillz, maybe you missed my above reply. Are you still with me?

[TheWolfKillz]

Hey there, ment to get back on this, but I've been so busy with college. I will do what you told me tomorrow. Sorry for the wait!

[DanoNH]

No rush, and thanks for getting back to me. I will be traveling back home myself tomorrow, so it will probably be later in the day or first thing Saturday before I can get back to you. Please take care to follow the instructions carefully. It will make our job a bit easier later. Thanks!

[DanoNH]

Whenever you're ready to run through my steps in Post #7 and post the logs, I'm back home. 

[Essexboy]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.