1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

System performance issues

Discussion in 'Virus & Other Malware Removal' started by jayja, Jan 2, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. jayja

    jayja Thread Starter

    Joined:
    Oct 15, 2007
    Messages:
    44
    Hello, over the past several months I have been experiencing system performance issues-slow response, both on and off the internet. More recently, I have been getting pop up messages that my computer is not running genuine Windows. Windows Updates have been unable to install. I am wondering if I have malware or if the computer has reached its useful life. Any help would be appreciated. Jay.


    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz, Intel64 Family 6 Model 23 Stepping 10
    Processor Count: 2
    RAM: 2008 Mb
    Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 780 Mb
    Hard Drives: C: Total - 223434 MB, Free - 150591 MB;
    Motherboard: Dell Inc., 0G848F
    Antivirus: avast! Antivirus, Updated and Enabled
     
  2. jayja

    jayja Thread Starter

    Joined:
    Oct 15, 2007
    Messages:
    44
    Ran task manager when computer was bogged down tonight and observed multiple .exe*32 files running under the guise of Goggle Chrome but I do not have Chrome installed. When I tried to end these processes, they would re-start up. File name was prefmaahlfjr.exe*32, all files running had same name.
     
  3. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Hi Jayja,
    -----------------------------------------------------------
    Download and Run the Farbar Scan Tool
    • Download FRST64 and save to your Desktop.
    • Double click Frst64.exe to launch it.
    • FRST64 will start to run.
      • When the tool opens click Yes to disclaimer.
      • Press the Scan button.
      • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
      • Please post them in your next reply.
    If you lose track of them, they will be saved in the same location as FRST64.exe
    Feel free to use separate replies if it's more convenient.

    askey127
     
  4. jayja

    jayja Thread Starter

    Joined:
    Oct 15, 2007
    Messages:
    44
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
    Ran by Debra (administrator) on DEBRA-PC on 05-01-2015 08:31:19
    Running from C:\Users\Debra\Desktop
    Loaded Profile: Debra (Available profiles: Debra)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe
    (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    (Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
    (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
    () C:\Program Files (x86)\Photodex\ProShowGold\scsiaccess.exe
    (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
    (Microsoft Corporation) C:\Windows\System32\vds.exe
    (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
    (Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
    (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
    (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
    (Microsoft Corporation) C:\Windows\System32\regsvr32.exe
    () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
    (SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
    () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    (AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
    (Freemake) C:\Program Files (x86)\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe
    (SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    (SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftVss64.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
    (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe
    (Google Inc.) C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\prefmaahlfjr.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-26] (IDT, Inc.)
    HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.)
    HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)
    HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
    HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
    HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] ()
    HKLM-x32\...\Run: [DellSupportCenter] => C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-12-15] ()
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5223016 2014-10-31] (AVAST Software)
    HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-11] (Softthinks)
    HKLM-x32\...\RunOnce: [STToasterLauncher] => C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe [120032 2010-08-11] ()
    Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-140690695-2300901712-3048348236-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1095000 2013-11-08] (Garmin Ltd or its subsidiaries)
    HKU\S-1-5-21-140690695-2300901712-3048348236-1000\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    HKU\S-1-5-21-140690695-2300901712-3048348236-1000\...\Run: [Xqxoitlm] => regsvr32.exe /s "C:\Users\Debra\AppData\Local\Apple\Xqxoitlm.dll" <===== ATTENTION
    HKU\S-1-5-21-140690695-2300901712-3048348236-1000\...\MountPoints2: E - E:\LaunchU3.exe -a
    HKU\S-1-5-21-140690695-2300901712-3048348236-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
    HKU\S-1-5-21-140690695-2300901712-3048348236-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
    HKU\S-1-5-21-140690695-2300901712-3048348236-1000\...\MountPoints2: {8b129162-734e-11e0-8694-f04da2a77af6} - E:\LaunchU3.exe -a
    Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
    ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
    ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll (AVAST Software)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-140690695-2300901712-3048348236-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
    HKU\S-1-5-21-140690695-2300901712-3048348236-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
    SearchScopes: HKLM -> DefaultScope {76A5E2F3-54F3-4C08-A165-A9CEBBF2E70F} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {76A5E2F3-54F3-4C08-A165-A9CEBBF2E70F} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> DefaultScope {9C78B4CB-30DC-41A2-BA5E-E8D54D491645} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {9C78B4CB-30DC-41A2-BA5E-E8D54D491645} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-140690695-2300901712-3048348236-1000 -> DefaultScope {76A5E2F3-54F3-4C08-A165-A9CEBBF2E70F} URL =
    SearchScopes: HKU\S-1-5-21-140690695-2300901712-3048348236-1000 -> {76A5E2F3-54F3-4C08-A165-A9CEBBF2E70F} URL =
    SearchScopes: HKU\S-1-5-21-140690695-2300901712-3048348236-1000 -> {9C78B4CB-30DC-41A2-BA5E-E8D54D491645} URL =
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    Toolbar: HKU\S-1-5-21-140690695-2300901712-3048348236-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
    DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1290176435856
    DPF: HKLM-x32 {8BC53B30-32E4-4ED3-BEF9-DB761DB77453} http://u3.sandisk.com/download/apps/LPInstaller.CAB
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
    Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1

    FireFox:
    ========
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-140690695-2300901712-3048348236-1000: @fuzebox.com/Fuze Meeting NPAPI Plugin,version=1.0.0.1 -> C:\Users\Debra\AppData\Local\Fuze Box\Fuze Meeting\npfuzeshare.dll ( )
    FF Plugin HKU\S-1-5-21-140690695-2300901712-3048348236-1000: @movenetworks.com/Quantum Media Player -> C:\Users\Debra\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll (Move Networks)
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-08-20]
    FF HKU\S-1-5-21-140690695-2300901712-3048348236-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\Debra\AppData\Roaming\Move Networks
    FF Extension: Move Media Player - C:\Users\Debra\AppData\Roaming\Move Networks [2010-11-21]

    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-10-27]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com) [File not signed]
    R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
    S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation) [File not signed]
    R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2014-07-06] (Microsoft Corporation) [File not signed]
    R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2014-07-06] (Microsoft Corporation) [File not signed]
    R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-10-27] (AVAST Software)
    S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation) [File not signed]
    S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-07-09] (Microsoft Corporation) [File not signed]
    R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [140288 2013-07-08] (Microsoft Corporation) [File not signed]
    R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-03] (Microsoft Corporation) [File not signed]
    R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
    S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 EFS; C:\Windows\System32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
    S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-01-13] (Microsoft Corporation) [File not signed]
    S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-11-08] (Garmin Ltd or its subsidiaries)
    R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2014-09-18] (Microsoft Corporation) [File not signed]
    R2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-11] (Microsoft Corporation) [File not signed]
    R2 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation) [File not signed]
    R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
    S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation) [File not signed]
    S2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation) [File not signed]
    S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
    R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation) [File not signed]
    R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 PcaSvc; C:\Windows\System32\pcasvc.dll [188416 2014-07-06] (Microsoft Corporation) [File not signed]
    S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation) [File not signed]
    S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation) [File not signed]
    S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
    S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation) [File not signed]
    S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation) [File not signed]
    S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 SamSs; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
    S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe [186760 2014-01-17] ()
    S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation) [File not signed]
    R2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [244736 2010-02-26] (IDT, Inc.) [File not signed]
    R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 TermService; C:\Windows\System32\termsrv.dll [681984 2014-07-16] (Microsoft Corporation) [File not signed]
    R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2014-04-11] (Microsoft Corporation) [File not signed]
    R3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation) [File not signed]
    S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
    S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) [File not signed]
    R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [File not signed]
    S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-04] (Microsoft Corporation) [File not signed]
    R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-03] (Microsoft Corporation) [File not signed]
    S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation) [File not signed]
    S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-27] (Microsoft Corporation) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-30] (Microsoft Corporation) [File not signed]
    S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
    S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-27] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-10-31] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-27] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-27] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-21] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-27] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-27] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-27] ()
    S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) [File not signed]
    S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) [File not signed]
    R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-22] (Microsoft Corporation) [File not signed]
    S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) [File not signed]
    S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) [File not signed]
    S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.) [File not signed]
    S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) [File not signed]
    S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) [File not signed]
    S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) [File not signed]
    S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation) [File not signed]
    S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 cdrom; C:\Windows\system32\drivers\cdrom.sys [147456 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) [File not signed]
    S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed]
    R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [7370304 2009-11-06] (Intel Corporation) [File not signed]
    R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] (Microsoft Corporation) [File not signed]
    R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-26] (Microsoft Corporation) [File not signed]
    R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-08] (Microsoft Corporation) [File not signed]
    R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-26] (Microsoft Corporation) [File not signed]
    R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-13] (Microsoft Corporation) [File not signed]
    R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-16] (Microsoft Corporation) [File not signed]
    R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [215552 2009-05-08] (Realtek Semiconductor Corp.) [File not signed]
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation) [File not signed]
    R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
    S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-28] (Microsoft Corporation) [File not signed]
    R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-28] (Microsoft Corporation) [File not signed]
    R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-28] (Microsoft Corporation) [File not signed]
    R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [505856 2010-02-26] (IDT, Inc.) [File not signed]
    R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation) [File not signed]
    S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-16] (Microsoft Corporation) [File not signed]
    R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2014-07-16] (Microsoft Corporation) [File not signed]
    S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation) [File not signed]
    S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
    S3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-26] (Microsoft Corporation) [File not signed]
    S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation) [File not signed]
    R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [53248 2013-11-26] (Microsoft Corporation) [File not signed]
    R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-26] (Microsoft Corporation) [File not signed]
    S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-26] (Microsoft Corporation) [File not signed]
    S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-10] (Microsoft Corporation) [File not signed]
    R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2013-11-26] (Microsoft Corporation) [File not signed]
    S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation) [File not signed]
    R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation) [File not signed]
    R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) [File not signed]
    R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation) [File not signed]
    R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation) [File not signed]
    S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation) [File not signed]
    S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation) [File not signed]
    S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation) [File not signed]
    R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () [File not signed]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-05 08:31 - 2015-01-05 08:35 - 00052919 _____ () C:\Users\Debra\Desktop\FRST.txt
    2015-01-05 08:30 - 2015-01-05 08:31 - 00000000 ____D () C:\FRST
    2015-01-05 08:30 - 2015-01-05 08:20 - 02123776 _____ (Farbar) C:\Users\Debra\Desktop\FRST64.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-05 08:35 - 2009-07-13 23:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-01-05 08:35 - 2009-07-13 23:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-01-05 08:32 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-05 08:31 - 2009-07-14 00:10 - 01619544 _____ () C:\Windows\WindowsUpdate.log
    2015-01-05 08:29 - 2010-11-02 16:14 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
    2015-01-05 08:25 - 2012-07-15 14:27 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2015-01-05 08:24 - 2010-11-14 14:24 - 00000071 _____ () C:\Windows\SysWOW64\ToasterLauncherLog.log
    2015-01-05 08:24 - 2010-11-14 14:20 - 00000000 ____D () C:\Users\Debra\AppData\Local\SoftThinks
    2015-01-05 08:23 - 2014-06-10 19:52 - 00005682 _____ () C:\Windows\setupact.log
    2015-01-05 08:23 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-01-03 19:28 - 2012-09-28 09:05 - 00000000 ____D () C:\Users\Debra\AppData\Local\Google
    2015-01-03 10:04 - 2010-11-19 09:43 - 00000099 _____ () C:\Users\Public\LMDebug.log
    2015-01-03 09:50 - 2012-11-11 15:23 - 00280064 ___SH () C:\Users\Debra\Documents\Thumbs.db
    2015-01-03 08:27 - 2011-02-26 13:20 - 00000000 ____D () C:\Users\Debra\Documents\Jay
    2015-01-02 19:15 - 2012-09-28 10:28 - 00000000 ____D () C:\Users\Debra\AppData\Local\Apple
    2014-12-29 15:45 - 2010-11-19 07:56 - 00000000 ____D () C:\Users\Debra\Documents\Outlook Files
    2014-12-29 15:43 - 2014-04-22 11:22 - 00000000 ____D () C:\Users\Debra\Documents\AHS
    2014-12-24 15:25 - 2013-01-07 07:56 - 00000000 ____D () C:\Users\Debra\AppData\Roaming\PrimoPDF
    2014-12-16 17:43 - 2011-10-10 18:56 - 00000000 ____D () C:\Users\Debra\Documents\Eagles Class
    2014-12-10 23:02 - 2010-11-02 17:55 - 00494602 _____ () C:\Windows\PFRO.log
    2014-12-10 22:05 - 2010-11-19 07:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-12-10 22:03 - 2013-08-05 02:02 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-10 21:57 - 2011-04-03 19:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-12-25 03:54

    ==================== End Of Log ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
    Ran by Debra at 2015-01-05 08:37:57
    Running from C:\Users\Debra\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.1.53.64 - Adobe Systems Incorporated)
    Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
    Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
    Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2206 - AVAST Software)
    Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Common Desktop Agent (Version: 1.53.0 - OEM) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell B1260dn Mono Laser Printer (HKLM-x32\...\Dell B1260dn Mono Laser Printer) (Version: - DELL Inc.)
    Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: - Dell)
    Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
    Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)
    Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation)
    Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
    Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
    Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
    Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.115.102 - ALPS ELECTRIC CO., LTD.)
    Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
    Elevated Installer (x32 Version: 2.3.16.0 - Garmin Ltd or its subsidiaries) Hidden
    Freemake Video Converter version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation)
    Fuze Meeting (HKLM-x32\...\{18420CD3-6C44-4F0B-868D-27AFA928A39A}) (Version: 1.10.42049 - Fuze Box, Inc.)
    Garmin Express (HKLM-x32\...\{6f60b921-2ae3-43fe-a6fb-ad849bd91451}) (Version: 2.3.16.0 - Garmin Ltd or its subsidiaries)
    Garmin Express (x32 Version: 2.3.16.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express Tray (x32 Version: 2.3.16.0 - Garmin Ltd or its subsidiaries) Hidden
    GIMP (HKLM-x32\...\{46BBA993-5554-42E7-8042-E760D92A580A}) (Version: 2.6.11 - Spencer Kimball)
    GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version: - )
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1994 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1029 - Intel Corporation)
    IntelĀ® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
    Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
    Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Move Media Player (HKU\S-1-5-21-140690695-2300901712-3048348236-1000\...\Move Media Player) (Version: - Move Networks)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
    PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
    ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - Photodex Corporation)
    Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.6 - Dell Inc.)
    QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
    Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
    Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.45.1000 - SUPERAntiSpyware.com)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    24-12-2014 03:00:24 Windows Update
    25-12-2014 03:00:25 Windows Update
    26-12-2014 03:00:42 Windows Update
    27-12-2014 03:00:31 Windows Update
    28-12-2014 03:00:26 Windows Update
    28-12-2014 21:31:36 Windows Update
    29-12-2014 03:00:26 Windows Update
    30-12-2014 03:00:31 Windows Update
    31-12-2014 03:00:32 Windows Update
    31-12-2014 07:40:11 Windows Update
    03-01-2015 03:00:37 Windows Update
    03-01-2015 19:38:23 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {A3FA23B1-FF3A-452B-8058-23FA4999B99F} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-10-27] (AVAST Software)
    Task: {A82AC042-D2A2-40CF-A8C5-BA60CFC425FF} - System32\Tasks\DHN5VWM1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-17] (Dell Inc.)
    Task: {E10CBFB9-6CF0-4AD0-9980-BA667F4E27FF} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

    ==================== Loaded Modules (whitelisted) =============

    2010-11-02 16:05 - 2009-07-17 09:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    2010-11-02 16:05 - 2009-07-17 09:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
    2006-12-05 06:09 - 2006-12-05 06:09 - 00022016 _____ () C:\Windows\System32\DELS1L6.DLL
    2013-01-07 07:47 - 2011-02-28 17:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
    2012-12-05 17:03 - 2011-09-26 04:05 - 00034304 _____ () C:\Windows\System32\sdb3mlm.dll
    2012-12-05 17:04 - 2011-09-25 01:52 - 00034304 _____ () C:\Windows\System32\sdb3xlm.dll
    2009-11-27 05:46 - 2009-11-27 05:46 - 00027648 _____ () C:\Windows\System32\sdp1ml6.dll
    2012-12-05 17:04 - 2011-11-25 04:59 - 01061888 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sdb3xdu.dll
    2012-12-05 17:03 - 2011-11-25 02:10 - 01061888 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sdb3mdu.dll
    2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2011-04-30 12:21 - 2014-01-17 19:07 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe
    2010-11-02 16:14 - 2010-08-11 18:19 - 00781536 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
    2010-12-17 18:13 - 2010-12-17 18:13 - 00438784 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
    2010-12-17 18:13 - 2010-12-17 18:13 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
    2010-02-09 13:34 - 2010-02-09 13:34 - 01807680 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
    2009-12-15 20:14 - 2009-12-15 20:14 - 00498160 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    2015-01-03 19:51 - 2015-01-03 19:51 - 02909696 _____ () C:\Program Files\Alwil Software\Avast5\defs\15010301\algo.dll
    2015-01-05 08:24 - 2015-01-05 08:24 - 02909696 _____ () C:\Program Files\Alwil Software\Avast5\defs\15010500\algo.dll
    2010-11-02 16:14 - 2010-08-11 18:19 - 00056544 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
    2010-11-02 16:14 - 2010-08-11 18:19 - 00113888 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
    2010-11-02 16:14 - 2010-08-11 18:19 - 00126176 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
    2010-11-02 16:14 - 2010-08-11 18:19 - 01121504 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
    2010-11-02 16:14 - 2010-08-11 18:19 - 00077024 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
    2010-11-02 16:14 - 2010-08-11 18:19 - 00232672 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
    2010-11-02 16:14 - 2010-08-11 18:19 - 00072928 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
    2010-11-02 16:14 - 2010-08-11 18:19 - 00109792 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
    2010-11-02 16:14 - 2010-08-11 18:19 - 00119008 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
    2010-11-02 16:14 - 2010-08-11 18:19 - 00023776 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
    2010-11-02 16:14 - 2010-08-11 18:19 - 00023776 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
    2010-02-09 13:34 - 2010-02-09 13:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
    2010-02-09 13:34 - 2010-02-09 13:34 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
    2010-02-09 13:34 - 2010-02-09 13:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
    2010-02-09 13:34 - 2010-02-09 13:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
    2010-02-09 13:34 - 2010-02-09 13:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
    2014-10-27 06:23 - 2014-10-27 06:23 - 38561576 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
    2014-10-27 16:30 - 2014-10-27 16:30 - 00718152 _____ () C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\36.0.1985.143\libglesv2.dll
    2014-10-27 16:30 - 2014-10-27 16:30 - 00126280 _____ () C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\36.0.1985.143\libegl.dll
    2014-10-27 16:30 - 2014-10-27 16:30 - 08537928 _____ () C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\36.0.1985.143\pdf.dll
    2014-10-27 16:30 - 2014-10-27 16:30 - 00353096 _____ () C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\36.0.1985.143\ppGoogleNaClPluginChrome.dll
    2014-10-27 16:30 - 2014-10-27 16:30 - 01732936 _____ () C:\Users\Debra\AppData\LocalLow\Apple Computer\dnwtxsgt\ofsrkdtcni\36.0.1985.143\ffmpegsumo.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)


    ========================= Accounts: ==========================

    Administrator (S-1-5-21-140690695-2300901712-3048348236-500 - Administrator - Disabled)
    Debra (S-1-5-21-140690695-2300901712-3048348236-1000 - Administrator - Enabled) => C:\Users\Debra
    Guest (S-1-5-21-140690695-2300901712-3048348236-501 - Limited - Enabled)
    HomeGroupUser$ (S-1-5-21-140690695-2300901712-3048348236-1002 - Limited - Enabled)

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (01/03/2015 06:56:49 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
    Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
    Exception code: 0xc0000005
    Fault offset: 0x0000000000028389
    Faulting process id: 0x674
    Faulting application start time: 0xExplorer.EXE0
    Faulting application path: Explorer.EXE1
    Faulting module path: Explorer.EXE2
    Report Id: Explorer.EXE3

    Error: (01/02/2015 06:37:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1060

    Start Time: 01d026e4d0f1e55a

    Termination Time: 0

    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    Report Id:

    Error: (01/02/2015 06:10:05 PM) (Source: Windows Activation Technologies) (EventID: 3) (User: )
    Description: Health check failure:
    hr = 0x8004FE21, HealthStatus: 0x000000000001EFF0

    Error: (12/26/2014 09:23:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 640c

    Start Time: 01d021787e71cabe

    Termination Time: 50

    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    Report Id:

    Error: (12/26/2014 03:17:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 6b90

    Start Time: 01d021485fad658e

    Termination Time: 20

    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    Report Id:

    Error: (12/26/2014 07:20:20 AM) (Source: Windows Activation Technologies) (EventID: 3) (User: )
    Description: Health check failure:
    hr = 0x8004FE21, HealthStatus: 0x000000000001EFF0

    Error: (12/19/2014 07:19:39 AM) (Source: Windows Activation Technologies) (EventID: 3) (User: )
    Description: Health check failure:
    hr = 0x8004FE21, HealthStatus: 0x000000000001EFF0

    Error: (12/12/2014 07:17:09 AM) (Source: Windows Activation Technologies) (EventID: 3) (User: )
    Description: Health check failure:
    hr = 0x8004FE21, HealthStatus: 0x000000000001EFF0

    Error: (12/09/2014 11:24:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program iexplore.exe version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 116c

    Start Time: 01d013bc7dfdcfcf

    Termination Time: 580

    Application Path: C:\Program Files\Internet Explorer\iexplore.exe

    Report Id:

    Error: (12/06/2014 07:15:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 1a2c

    Start Time: 01d0114bfba3da81

    Termination Time: 277

    Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    Report Id:


    System errors:
    =============
    Error: (01/05/2015 08:24:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Garmin Core Update Service service failed to start due to the following error:
    %%1053

    Error: (01/05/2015 08:24:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.

    Error: (01/03/2015 07:45:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Garmin Core Update Service service failed to start due to the following error:
    %%1053

    Error: (01/03/2015 07:45:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.

    Error: (01/03/2015 07:43:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Garmin Core Update Service service.

    Error: (01/03/2015 07:42:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x800706f7: Update for Windows 7 for x64-based Systems (KB3009736).

    Error: (01/03/2015 07:18:58 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

    Error: (01/03/2015 09:48:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Garmin Core Update Service service.

    Error: (01/03/2015 03:30:50 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x800706f7: Update for Windows 7 for x64-based Systems (KB3009736).

    Error: (01/02/2015 06:38:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Windows Defender service terminated with the following error:
    %%-2147023113


    Microsoft Office Sessions:
    =========================
    Error: (01/03/2015 06:56:49 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000002838967401d026e282d48e26C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll2e32ee31-93a4-11e4-8a81-f04da2a77af6

    Error: (01/02/2015 06:37:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.17344106001d026e4d0f1e55a0C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    Error: (01/02/2015 06:10:05 PM) (Source: Windows Activation Technologies) (EventID: 3) (User: )
    Description: 0x8004FE210x000000000001EFF0

    Error: (12/26/2014 09:23:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.17344640c01d021787e71cabe50C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    Error: (12/26/2014 03:17:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.173446b9001d021485fad658e20C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    Error: (12/26/2014 07:20:20 AM) (Source: Windows Activation Technologies) (EventID: 3) (User: )
    Description: 0x8004FE210x000000000001EFF0

    Error: (12/19/2014 07:19:39 AM) (Source: Windows Activation Technologies) (EventID: 3) (User: )
    Description: 0x8004FE210x000000000001EFF0

    Error: (12/12/2014 07:17:09 AM) (Source: Windows Activation Technologies) (EventID: 3) (User: )
    Description: 0x8004FE210x000000000001EFF0

    Error: (12/09/2014 11:24:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: iexplore.exe11.0.9600.17344116c01d013bc7dfdcfcf580C:\Program Files\Internet Explorer\iexplore.exe

    Error: (12/06/2014 07:15:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: IEXPLORE.EXE11.0.9600.173441a2c01d0114bfba3da81277C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE


    ==================== Memory info ===========================

    Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
    Percentage of memory in use: 65%
    Total physical RAM: 2008.36 MB
    Available physical RAM: 690.41 MB
    Total Pagefile: 4016.73 MB
    Available Pagefile: 1881.42 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.81 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:146.94 GB) NTFS
    Drive e: () (Fixed) (Total:7.45 GB) (Free:6.48 GB) FAT32
    Drive y: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:7.71 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 232.9 GB) (Disk ID: 3C29B58A)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=218.2 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 7.5 GB) (Disk ID: BF884A0A)
    Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)

    ==================== End Of Log ============================
     
  5. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Jayja,
    -----------------------------------------------------------
    Download MGA Diagnostic Tool to your Desktop.
    • Double click MGADiag.exe to launch the program.
    • Click Continue and let the scan run.
    • When finished it will have created a log.
    • Click Copy.
    • Next open Notepad.
      • Click Start > Run type Notepad click OK.
      • This will open an empty Notepad file.
      • Right click in the empty file and choose Paste to copy the log from MGA Diagnostics into it.
      • Save the file to your Desktop.
    • Close MGA Diagnostic Tool.
    • Copy/Paste the Notepad log you just made in your next reply please.

    askey127
     
  6. jayja

    jayja Thread Starter

    Joined:
    Oct 15, 2007
    Messages:
    44
    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0x8004FE21
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-QCPVQ-KHRB8-RMV82
    Windows Product Key Hash: +Rj3N34NLM2JqoBO/OzgzTZXgbY=
    Windows Product ID: 00359-OEM-8992687-00095
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {3F4B0656-CBA9-4EAC-B483-57AF9F4D6867}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.140303-2144
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->
    File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\wat\watux.exe[7.1.7600.16395], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppobjs.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppc.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppwinob.dll[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slc.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\slcext.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppuinotify.dll[6.1.7600.16385], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\slui.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\sppcomapi.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppcommdlg.dll[6.1.7600.16385], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\sppsvc.exe[6.1.7601.17514], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spsys.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\drivers\spldr.sys[6.1.7127.0], Hr = 0x80092003
    File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7601.17514], Hr = 0x800b0100
    File Mismatch: C:\Windows\system32\user32.dll[6.1.7601.17514], Hr = 0x800b0100

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{3F4B0656-CBA9-4EAC-B483-57AF9F4D6867}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-RMV82</PKey><PID>00359-OEM-8992687-00095</PID><PIDType>2</PIDType><SID>S-1-5-21-140690695-2300901712-3048348236</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron 1545 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A14</Version><SMBIOSVersion major="2" minor="4"/><Date>20091207000000.000000+000</Date></BIOS><HWID>690E3207018400F8</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>WN09 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
    Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00178-926-800095-02-1033-7600.0000-3062010
    Installation ID: 022225178575185771666853546122937173548252062690676406
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: RMV82
    License Status: Licensed
    Remaining Windows rearm count: 4
    Trusted time: 1/5/2015 9:51:19 AM

    Windows Activation Technologies-->
    HrOffline: 0x8004FE21
    HrOnline: N/A
    HealthStatus: 0x000000000001EFF0
    Event Time Stamp: 1:2:2015 18:10
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:
    Tampered File: %systemroot%\system32\sppobjs.dll
    Tampered File: %systemroot%\system32\sppc.dll|sppc.dll.mui
    Tampered File: %systemroot%\system32\sppcext.dll|sppcext.dll.mui
    Tampered File: %systemroot%\system32\sppwinob.dll
    Tampered File: %systemroot%\system32\slc.dll|slc.dll.mui
    Tampered File: %systemroot%\system32\slcext.dll|slcext.dll.mui
    Tampered File: %systemroot%\system32\sppuinotify.dll|sppuinotify.dll.mui
    Tampered File: %systemroot%\system32\slui.exe|slui.exe.mui|COM Registration
    Tampered File: %systemroot%\system32\sppcomapi.dll|sppcomapi.dll.mui
    Tampered File: %systemroot%\system32\sppcommdlg.dll|sppcommdlg.dll.mui
    Tampered File: %systemroot%\system32\sppsvc.exe|sppsvc.exe.mui
    Tampered File: %systemroot%\system32\drivers\spsys.sys


    HWID Data-->
    HWID Hash Current: LgAAAAEAAQABAAIAAAABAAAAAgABAAEAJJSg6nhG2jOaXnYOKB9UbWykIBBGyg==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
    ACPI Table Name OEMID Value OEMTableID Value
    APIC DELL WN09
    FACP DELL WN09
    HPET DELL WN09
    MCFG DELL WN09
    SLIC DELL WN09
    SSDT PmRef CpuPm
     
  7. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Jayja,
    It turns out this nonsense is not your fault.
    See here:
    http://www.infoworld.com/article/28...nuine-reports-validation-code-0x8004fe21.html
    and here:
    http://www.infoworld.com/article/28...77-to-eliminate-botched-patch-kb-3004394.html
    -------------------------------------------------------------------------------------------------------------------------------------
    Go here and download the x64 package, then install it.
    http://support2.microsoft.com/kb/3024777

    Let me know how it goes.
    askey127
     
  8. jayja

    jayja Thread Starter

    Joined:
    Oct 15, 2007
    Messages:
    44
    I'm assuming the fix you proposed is designed to stop the "You are not running genuine Windows" problem. But I think the bigger issue is the multiple processes running in the background under the title of Google Chrome. I do not have chrome installed so I am assuming this is some sort of malware. It is sapping my memory to the point where the computer will hardly run. The Microsoft download has been running for about 15 minutes now and still is not finished. If you are telling me there is no malware then why are these applications running? I have attached a screen capture of the task manager screen.
     

    Attached Files:

  9. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Oh, I'm not going to stop there.
    Just get that fixed first.
    Be back tomorrow.
     
  10. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    Jayja,
    Since correcting that defective update may have a noticeable effect on the content of your logs,please run the FRST64 scan again.
    This time, just post the FRST.txt file contents.

    askey127
     
  11. jayja

    jayja Thread Starter

    Joined:
    Oct 15, 2007
    Messages:
    44
    After my last post I went to bed with the fix still running (according to task manager) and when I woke up it was still running. So I'm guessing the other issue(s) are preventing it from running?? I can't imagine the fix would take so long to complete, especially since MS did not mention anything about it would take a long time to run. I'm no expert but I'm thinking a different approach may be needed? I'll be away from the computer after 11am EST today so I likely won't be able to run anything new until tomorrow morning.

    I really do appreciate your time and thank you.
     
  12. jayja

    jayja Thread Starter

    Joined:
    Oct 15, 2007
    Messages:
    44
    The MS fix will not run. I have tried on three separate occasions to run it but the program starts and will appear in task manager to be running but hours later it is still running. The nor running genuine windows messages are still appearing. What now?
     
  13. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,721
    This is caused by a faulty Windows Update.
    You will need to find out from Microsoft how to fix it. I would suggest calling them.

    You may end up having to re-install Windows, after saving your critical files.
    Attempting to do research on any possible malware is a waste of time until the update issue is fixed.

    You can try to use System Restore. Type system restore into the start box, and choose to revert to a restore point in early November if you can.
    Otherwise you can boot up into DEll Recovery and revert your system back to the way it was when you got it.
    See here: https://neosmart.net/wiki/dell-recovery-partition/
     
  14. jayja

    jayja Thread Starter

    Joined:
    Oct 15, 2007
    Messages:
    44
    I will see what I can do on my end. System restore points don't go back far enough. The Dell Restore option is not available. I have been trying to locate my original OS discs to do a complete reformat but have not located them yet. Please keep this thread open until I can figure out how best to move forward. As always, thanks for all your help.
     
  15. jayja

    jayja Thread Starter

    Joined:
    Oct 15, 2007
    Messages:
    44
    Thanks for your patience. I wanted to wait for a day I could afford to spend some uninterrupted time on the phone with Microsoft. After connecting remotely and running some diagnostic tools, they have assured me that the problem should be fixed. Those multiple .exe files running in the background and masquerading as Google Chrome are still running whether I'm connected to the internet or not. I have disabled the Wi-Fi just in case. Since performance is slow, I have been downloading the diagnostic tools onto a flash drive and importing them into the Dell laptop you are looking at. Waiting on further instructions. Thanks again for keeping this thread open. :)
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1140420

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice