I have reason to believe my computer is infected with something. It has slowed way down the last couple of weeks and it takes a very long time to open programs, to shut down the computer and takes a very long time to download anything, view video's on the internet or even to change pages while on the internet. In addition my scans using Avira seem to hang up at about 45 per cent done and will not finish. It takes a very long time to download updates for Super Anti Spyware and Spybot. I would appreciate some help with this problem. Thanks in advance for anything you can do to help me
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-12-2015 01
Ran by Karen McKinnis (administrator) on KILGARRAH (12-12-2015 13:12:00)
Running from C:\Users\Karen McKinnis\Desktop
Loaded Profiles: Karen McKinnis & comp admin & Guest (Available Profiles: Karen McKinnis & comp admin & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
( ) C:\Windows\System32\lxdncoms.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Google Inc.) C:\Users\Karen McKinnis\AppData\Local\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Karen McKinnis\AppData\Local\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Google Inc.) C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\igfxcui:
HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\Run: [Google Update] => C:\Users\Karen McKinnis\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\Run: [MusicManager] => C:\Users\Karen McKinnis\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7643136 2015-11-17] (Google Inc.)
HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\MountPoints2: {00fc3e61-0ac0-11e3-9855-00266ca6737b} - E:\AutoLaunch.exe
HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\MountPoints2: {cddfa79e-bc23-11e2-ac32-00266ca6737b} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\MountPoints2: {e46220cc-0bf5-11e3-985d-00266ca6737b} - E:\AutoLaunch.exe
HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\MountPoints2: {fcda94d8-f4f9-11e3-9cc1-00266ca6737b} - F:\VZW_Software_upgrade_assistant_installer.exe
HKU\S-1-5-21-851422437-3431464140-778240321-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-851422437-3431464140-778240321-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-08] (SUPERAntiSpyware)
HKU\S-1-5-21-851422437-3431464140-778240321-1003\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-10-15] (Google Inc.)
HKU\S-1-5-21-851422437-3431464140-778240321-501\...\Run: [Best Buy pc app] => C:\Users\Guest.KarenMcKinnis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2013-12-27]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2013-12-27]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
GroupPolicyScripts-x32: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{1BC4ED45-0C56-4A2E-8C6A-6B107EBFF8B8}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{9BD772A9-DC8C-4DD4-9C84-400D91785FB4}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-851422437-3431464140-778240321-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-851422437-3431464140-778240321-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-851422437-3431464140-778240321-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-851422437-3431464140-778240321-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-851422437-3431464140-778240321-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-851422437-3431464140-778240321-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-851422437-3431464140-778240321-1003\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11ENUS/MSN_WCP
HKU\S-1-5-21-851422437-3431464140-778240321-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-851422437-3431464140-778240321-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?ocid=OIE9HP
HKU\S-1-5-21-851422437-3431464140-778240321-501\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE9ENUS/110
URLSearchHook: HKU\S-1-5-21-851422437-3431464140-778240321-1003 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM -> DefaultScope {295C8D1A-956E-45FF-BF82-4C7D5D969816} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM -> {295C8D1A-956E-45FF-BF82-4C7D5D969816} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM-x32 -> DefaultScope {FF4F0CAD-67E0-4E27-864A-EB3D9C1379D3} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKLM-x32 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2845289
SearchScopes: HKLM-x32 -> {FF4F0CAD-67E0-4E27-864A-EB3D9C1379D3} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKU\S-1-5-21-851422437-3431464140-778240321-1000 -> {08D8B2C7-A773-4D96-B40A-15720878911C} URL = hxxp://www.bing.com/search?FORM=U227DF&PC=U227&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-851422437-3431464140-778240321-1000 -> {0DAFCB5E-5BA4-4117-B262-C0B0490EE199} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
SearchScopes: HKU\S-1-5-21-851422437-3431464140-778240321-1000 -> {295C8D1A-956E-45FF-BF82-4C7D5D969816} URL =
SearchScopes: HKU\S-1-5-21-851422437-3431464140-778240321-1000 -> {626EC889-A90F-4715-A5DD-995534FFFCF8} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
SearchScopes: HKU\S-1-5-21-851422437-3431464140-778240321-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=mkg028
SearchScopes: HKU\S-1-5-21-851422437-3431464140-778240321-1003 -> DefaultScope {FF4F0CAD-67E0-4E27-864A-EB3D9C1379D3} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF_enUS421
SearchScopes: HKU\S-1-5-21-851422437-3431464140-778240321-1003 -> {1809DA3D-124E-4398-A93B-1C197C838C1F} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=WCL2&o=100000082&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^AA2&apn_dtid=^YYYYYY^YY^US&apn_uid=0BE7F339-994C-48B8-8FBF-F6AF21B55540&apn_sauid=4F5B7F40-ED6E-4553-B66F-1237C87D95BF&
SearchScopes: HKU\S-1-5-21-851422437-3431464140-778240321-1003 -> {295C8D1A-956E-45FF-BF82-4C7D5D969816} URL =
SearchScopes: HKU\S-1-5-21-851422437-3431464140-778240321-1003 -> {6FA1E0C3-62AF-4505-8D53-C52348094393} URL = hxxp://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-851422437-3431464140-778240321-1003 -> {FF4F0CAD-67E0-4E27-864A-EB3D9C1379D3} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF_enUS421
SearchScopes: HKU\S-1-5-21-851422437-3431464140-778240321-501 -> DefaultScope {B3BD2FB0-30FD-40E7-AFEE-5C47F0D7B5B8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-851422437-3431464140-778240321-501 -> {B3BD2FB0-30FD-40E7-AFEE-5C47F0D7B5B8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=BIE9DF&pc=BIE9&src=IE-SearchBox
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-11-04] (RealDownloader)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-11-04] (RealDownloader)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-09] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-09] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
Toolbar: HKLM-x32 - No Name - {3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-851422437-3431464140-778240321-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-851422437-3431464140-778240321-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-851422437-3431464140-778240321-1000 -> No Name - {41564952-412D-5637-4300-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-851422437-3431464140-778240321-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} hxxp://aolsvc.aol.com/onlinegames/popzuma/popcaploader_v10.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
FireFox:
========
FF ProfilePath: C:\Users\Karen McKinnis\AppData\Roaming\Mozilla\Firefox\Profiles\nvxwbi68.default
FF DefaultSearchEngine.US: Google
FF Homepage: hxxps://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\windows\system32\npDeployJava1.dll [2013-09-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll [2014-04-14] (Adobe Systems, Inc.)
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-05-09] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.2.175 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2015-12-10] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.2.175 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2015-12-10] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-851422437-3431464140-778240321-1000: @nds.com/PlayerPlugin -> C:\Users\Karen McKinnis\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2013-06-25] (DIRECTV)
FF Plugin HKU\S-1-5-21-851422437-3431464140-778240321-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Karen McKinnis\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-851422437-3431464140-778240321-1000: @talk.google.com/O1DPlugin -> C:\Users\Karen McKinnis\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-851422437-3431464140-778240321-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Karen McKinnis\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-851422437-3431464140-778240321-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Karen McKinnis\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-851422437-3431464140-778240321-1000: NDS.com/PlayerPlugin -> C:\Users\Karen McKinnis\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2013-06-25] (DIRECTV)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-04-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-04-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-04-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-04-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-04-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Karen McKinnis\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Karen McKinnis\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\Karen McKinnis\AppData\Roaming\Mozilla\Firefox\Profiles\nvxwbi68.default\searchplugins\avira-safesearch.xml [2015-08-18]
FF Extension: Play Pickle TextLinks - C:\Users\Karen McKinnis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2011-08-08] [not signed]
FF Extension: Avira Browser Safety - C:\Users\Karen McKinnis\AppData\Roaming\Mozilla\Firefox\Profiles\nvxwbi68.default\Extensions\[email protected] [2015-10-24] [not signed]
FF Extension: Avira Safe Search Plus - C:\Users\Karen McKinnis\AppData\Roaming\Mozilla\Firefox\Profiles\nvxwbi68.default\Extensions\[email protected] [2015-12-04] [not signed]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2015-11-08] [not signed]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-11-08] [not signed]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-11-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2012-12-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/webhp?sourceid=navclient-ff
CHR Profile: C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-09]
CHR Extension: (Bejeweled) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2015-04-22]
CHR Extension: (Google Docs) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-09]
CHR Extension: (Google Drive) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (TV) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-04-22]
CHR Extension: (YouTube) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Sheets) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-09]
CHR Extension: (Avira Browser Safety) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-20]
CHR Extension: (Facebook for Chrome) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2015-08-26]
CHR Extension: (Google Docs Offline) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Crackle) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2015-09-09]
CHR Extension: (Freemake Video Converter) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2015-04-22]
CHR Extension: (Avira SafeSearch) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-11-30]
CHR Extension: (Skype Click to Call) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR Extension: (Gmail) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-09]
CHR Extension: (RSS Feed Reader) - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2015-11-12]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-851422437-3431464140-778240321-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oajgghejjpgkmpgbchgjieahoefimdle] - C:\Users\Karen McKinnis\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-12-25]
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lgjlpcjpffjiecfdocmabeenmgnlmnkd] - C:\ProgramData\wxDfast\lgjlpcjpffjiecfdocmabeenmgnlmnkd.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [oajgghejjpgkmpgbchgjieahoefimdle] - C:\Users\Karen McKinnis\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.crx <not found>
StartMenuInternet: Google Chrome.F7MOBJCLTVQD3HV3IATKQYRXT4 - C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-22] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-09-07] (Freemake) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 lxdn_device; C:\windows\system32\lxdncoms.exe [1039872 2007-11-28] ( )
R2 lxdn_device; C:\windows\SysWOW64\lxdncoms.exe [589824 2007-11-28] ( )
S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-11-04] ()
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1095976 2015-12-10] (RealNetworks, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-08-29] (Windows ® Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
S4 LMIRfsClientNP; no ImagePath
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 ZTEusbgps; C:\Windows\System32\DRIVERS\ZTEusbgps.sys [123520 2010-12-08] (ZTE Incorporated) [File not signed]
S3 ZTEusbwwan; C:\Windows\System32\DRIVERS\ZTEusbwwan.sys [235008 2011-04-09] (ZTE Incorporated) [File not signed]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 PCTINDIS5X64; \??\C:\windows\system32\PCTINDIS5X64.SYS [X]
S3 RkHit; \??\C:\windows\system32\drivers\RKHit.sys [X]
S3 ZTEusbMB; system32\DRIVERS\ZTEusbnmeaext2.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-12 13:08 - 2015-12-12 13:11 - 00054256 _____ C:\Users\Karen McKinnis\Desktop\Addition.txt
2015-12-12 13:07 - 2015-12-12 13:12 - 00036110 _____ C:\Users\Karen McKinnis\Desktop\FRST.txt
2015-12-12 13:06 - 2015-12-12 13:12 - 00000000 ____D C:\FRST
2015-12-12 13:04 - 2015-12-12 13:04 - 02369536 _____ (Farbar) C:\Users\Karen McKinnis\Desktop\FRST64.exe
2015-12-10 10:39 - 2015-12-10 10:39 - 00428727 _____ C:\Users\Karen McKinnis\AppData\Local\census.cache
2015-12-10 10:39 - 2015-12-10 10:39 - 00207101 _____ C:\Users\Karen McKinnis\AppData\Local\ars.cache
2015-12-10 09:56 - 2015-05-29 00:43 - 00307352 _____ (Trend Micro Inc.) C:\windows\system32\Drivers\tmcomm.sys
2015-12-10 09:52 - 2015-12-10 09:52 - 00000036 _____ C:\Users\Karen McKinnis\AppData\Local\housecall.guid.cache
2015-12-10 09:19 - 2015-12-10 09:21 - 02494944 _____ (Trend Micro Inc.) C:\Users\Karen McKinnis\Downloads\HousecallLauncher64.exe
2015-12-10 08:41 - 2015-12-10 08:41 - 00001732 _____ C:\Users\Karen McKinnis\Documents\cc_20151210_084056.reg
2015-12-10 07:49 - 2015-12-10 07:49 - 00000982 _____ C:\Users\Public\Desktop\RealPlayer (RealTimes).lnk
2015-12-10 07:48 - 2015-12-10 07:48 - 00003382 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-851422437-3431464140-778240321-1000
2015-12-10 07:48 - 2015-12-10 07:48 - 00003266 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-851422437-3431464140-778240321-1000
2015-12-10 07:48 - 2015-12-10 07:48 - 00000000 ____D C:\Users\Karen McKinnis\AppData\Roaming\RealNetworks
2015-12-10 07:47 - 2015-12-10 07:47 - 00000000 ____D C:\ProgramData\RealNetworks
2015-12-10 07:47 - 2015-12-10 07:47 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2015-12-10 07:44 - 2015-12-10 07:44 - 00200976 _____ (RealNetworks, Inc.) C:\windows\SysWOW64\rmoc3260.dll
2015-12-10 07:43 - 2015-12-10 07:43 - 00278800 _____ (Progressive Networks) C:\windows\SysWOW64\pncrt.dll
2015-12-10 07:41 - 2015-12-10 07:41 - 00505616 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp71.dll
2015-12-10 07:41 - 2015-12-10 07:41 - 00354064 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll
2015-12-08 02:56 - 2015-12-08 02:56 - 00000458 _____ C:\Users\Karen McKinnis\Documents\cc_20151208_025609.reg
2015-12-08 02:47 - 2015-12-08 02:51 - 06801752 _____ (Piriform Ltd) C:\Users\Karen McKinnis\Downloads\ccsetup512.exe
2015-12-08 02:22 - 2015-12-08 02:22 - 00003744 _____ C:\Users\Karen McKinnis\Documents\cc_20151208_022237.reg
2015-12-02 11:10 - 2015-12-02 11:11 - 00000000 ____D C:\Users\Karen McKinnis\Documents\Principal Financial Group 2015
2015-11-18 17:39 - 2015-11-18 17:39 - 00000580 _____ C:\Users\Karen McKinnis\Documents\cc_20151118_173926.reg
2015-11-18 06:14 - 2015-11-18 06:14 - 00002061 _____ C:\Users\Karen McKinnis\Desktop\Free Antivirus Profile Scan for rootkits (2).LNK
2015-11-15 10:07 - 2015-11-15 10:07 - 00000460 _____ C:\Users\Karen McKinnis\Documents\cc_20151115_100659.reg
2015-11-15 08:23 - 2015-11-15 08:23 - 00000468 _____ C:\Users\Karen McKinnis\Documents\cc_20151115_082347.reg
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-12 13:09 - 2009-07-13 20:20 - 00000000 ____D C:\Windows
2015-12-12 13:05 - 2015-06-29 05:35 - 00000944 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-851422437-3431464140-778240321-1000UA.job
2015-12-12 12:58 - 2009-07-13 21:45 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-12 12:58 - 2009-07-13 21:45 - 00018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-12 12:41 - 2010-10-15 10:41 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-12 12:17 - 2014-09-22 18:52 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-12-12 09:59 - 2015-01-31 13:16 - 00003966 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{844D8B97-4D15-4F29-99E6-DEE9E1BC4065}
2015-12-11 19:05 - 2015-06-29 05:35 - 00000892 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-851422437-3431464140-778240321-1000Core.job
2015-12-11 18:41 - 2010-10-15 10:41 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-11 13:46 - 2011-09-01 11:09 - 00000000 ____D C:\ProgramData\lx_Cats
2015-12-11 11:59 - 2013-05-13 18:45 - 00000000 ____D C:\Users\Karen McKinnis\AppData\Local\HTC MediaHub
2015-12-11 11:59 - 2011-12-16 10:45 - 00000435 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-12-11 11:58 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-12-11 11:50 - 2012-11-29 09:07 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-10 09:10 - 2011-09-20 10:27 - 00000000 ____D C:\windows\pss
2015-12-10 08:56 - 2014-03-17 07:59 - 00000833 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-10 08:27 - 2009-07-13 22:13 - 00782510 _____ C:\windows\system32\PerfStringBackup.INI
2015-12-10 08:27 - 2009-07-13 20:20 - 00000000 ____D C:\windows\inf
2015-12-10 08:21 - 2011-11-25 07:49 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-12-10 07:55 - 2015-07-18 08:59 - 00003444 _____ C:\windows\System32\Tasks\RealDownloader Update Check
2015-12-10 07:50 - 2011-03-20 14:46 - 00000000 ____D C:\Users\Karen McKinnis\AppData\Roaming\Real
2015-12-10 07:49 - 2011-03-20 14:46 - 00000000 ____D C:\Program Files (x86)\Real
2015-12-10 07:48 - 2015-07-18 08:58 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-10 07:48 - 2013-08-02 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-12-10 07:48 - 2011-03-20 14:46 - 00000000 ____D C:\ProgramData\Real
2015-12-08 02:20 - 2011-03-12 16:33 - 00000000 ____D C:\Users\Karen McKinnis\AppData\Local\CrashDumps
2015-12-04 18:36 - 2010-10-15 10:41 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 18:36 - 2010-10-15 10:41 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 13:18 - 2011-03-02 03:33 - 00301728 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-12-02 10:15 - 2015-08-21 07:11 - 00002042 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
2015-12-02 10:15 - 2011-12-04 13:22 - 00000000 ____D C:\Users\Karen McKinnis\AppData\Local\Downloaded Installations
2015-12-01 19:00 - 2015-06-29 05:35 - 00003936 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-851422437-3431464140-778240321-1000UA
2015-12-01 19:00 - 2015-06-29 05:35 - 00003540 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-851422437-3431464140-778240321-1000Core
2015-12-01 03:46 - 2015-08-17 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-01 03:44 - 2015-08-17 16:47 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-12-01 03:44 - 2015-08-17 16:47 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-12-01 03:44 - 2015-08-17 16:47 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-11-26 12:19 - 2015-11-01 13:45 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-17 15:57 - 2009-07-13 21:45 - 00417872 _____ C:\windows\system32\FNTCACHE.DAT
2015-11-15 13:30 - 2011-03-01 12:04 - 00110456 _____ C:\Users\Karen McKinnis\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-15 08:26 - 2015-11-08 12:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-15 08:26 - 2015-03-01 19:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Files in the root of some directories =======
2012-10-25 07:32 - 2015-03-01 18:34 - 0032768 ___SH () C:\Users\Karen McKinnis\AppData\Roaming\Thumbs.db
2012-02-09 21:04 - 2012-02-09 21:04 - 0027702 _____ () C:\Users\Karen McKinnis\AppData\Roaming\UserTile.png
2015-12-10 10:39 - 2015-12-10 10:39 - 0207101 _____ () C:\Users\Karen McKinnis\AppData\Local\ars.cache
2015-12-10 10:39 - 2015-12-10 10:39 - 0428727 _____ () C:\Users\Karen McKinnis\AppData\Local\census.cache
2011-03-31 17:53 - 2014-04-19 22:38 - 0123904 _____ () C:\Users\Karen McKinnis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-05 04:00 - 2014-07-05 04:01 - 0000084 _____ () C:\Users\Karen McKinnis\AppData\Local\DVDPATH.TXT
2015-12-10 09:52 - 2015-12-10 09:52 - 0000036 _____ () C:\Users\Karen McKinnis\AppData\Local\housecall.guid.cache
2011-03-01 20:30 - 2015-08-14 07:42 - 0007654 _____ () C:\Users\Karen McKinnis\AppData\Local\Resmon.ResmonCfg
2011-03-01 15:25 - 2011-03-01 15:25 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-09-01 11:11 - 2011-09-01 11:11 - 0000252 _____ () C:\ProgramData\FastPics.log
2011-12-21 16:00 - 2015-02-19 11:48 - 0001102 _____ () C:\ProgramData\lxdnDiagnostics.log
2013-11-03 11:32 - 2013-11-03 11:32 - 0677028 _____ () C:\ProgramData\SPL4B1D.tmp
2014-05-12 12:30 - 2014-05-12 12:34 - 3916231 _____ () C:\ProgramData\SPL4BE3.tmp
2011-09-01 12:18 - 2011-09-01 12:18 - 2455600 _____ () C:\ProgramData\SPL6946.tmp
2013-10-24 10:04 - 2013-10-24 10:04 - 0677028 _____ () C:\ProgramData\SPL69E9.tmp
2011-09-01 21:22 - 2011-09-01 21:23 - 0000126 _____ () C:\ProgramData\tbsched.log
2011-09-01 11:13 - 2011-09-01 11:13 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3328.dll
Some files in TEMP:
====================
C:\Users\Karen McKinnis\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-12-10 11:53
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-12-2015 01
Ran by Karen McKinnis (2015-12-12 13:12:53)
Running from C:\Users\Karen McKinnis\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-03-01 19:00:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-851422437-3431464140-778240321-500 - Administrator - Disabled)
comp admin (S-1-5-21-851422437-3431464140-778240321-1003 - Administrator - Enabled) => C:\Users\comp admin
Guest (S-1-5-21-851422437-3431464140-778240321-501 - Limited - Enabled) => C:\Users\Guest.KarenMcKinnis
HomeGroupUser$ (S-1-5-21-851422437-3431464140-778240321-1002 - Limited - Enabled)
Karen McKinnis (S-1-5-21-851422437-3431464140-778240321-1000 - Administrator - Enabled) => C:\Users\Karen McKinnis
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.2 - Atheros)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Best Buy pc app (HKU\S-1-5-21-851422437-3431464140-778240321-1003\...\e55b814e55744b76) (Version: 3.2.605.2 - Best Buy)
Best Buy pc app (HKU\S-1-5-21-851422437-3431464140-778240321-501\...\48e4cff94f039634) (Version: 3.0.0.0 - Best Buy)
Bricks of Atlantis (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11050883}) (Version: - Oberon Media)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Chuzzle (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}) (Version: - Oberon Media)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.61 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DIRECTV Player (HKLM-x32\...\{69b8745b-65c2-4a2d-b5db-00e0cd841f1e}) (Version: 9.0 - DIRECTV)
Dynasty (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}) (Version: - Oberon Media)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Free All-In-One Media Player (HKLM-x32\...\Free Media Player_is1) (Version: - Free Software Group)
Free FLAC to MP3 Converter 1.0 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version: - PolySoft Solutions)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Freemake Video Converter version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation)
G-Force (HKLM-x32\...\G-Force) (Version: 3.9.1 - SoundSpectrum)
Google Chrome (HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.64.0 - HTC)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Lexmark 2600 Series (HKLM\...\Lexmark 2600 Series) (Version: - Lexmark International, Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Mavis Beacon Teaches Typing Platinum 20 (HKLM-x32\...\{58F9D852-9443-4955-A1ED-12C9E0504DD0}) (Version: 20.00.0000 - Broderbund)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Morphyre (HKLM-x32\...\Morphyre) (Version: - )
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\MusicManager) (Version: - Google, Inc.)
OpenSource Flash Video Splitter (remove only) (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: - )
Pale Moon 12.3 (x86 en-US) (HKLM-x32\...\Pale Moon 12.3 (x86 en-US)) (Version: 12.3 - Mozilla)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 18.1.2.176 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.2.179 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.2 - RealNetworks)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RescuePRO™ 3.0 (HKLM-x32\...\RescuePRO-3.0) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1136 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{76078303-BAA2-4FBF-BA13-D1065195E696}) (Version: 3.3.9679 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.06 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.03 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.3.7 - Shark007)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-851422437-3431464140-778240321-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Karen McKinnis\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-851422437-3431464140-778240321-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Karen McKinnis\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2013-01-21 10:59 - 00445399 ____R C:\windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15286 more lines.
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0295E8BB-5F4D-4DC2-B877-1CA1880965BD} - \Microsoft_MKC_Logon_Task_ipoint.exe -> No File <==== ATTENTION
Task: {035E4ED5-F80D-47A2-92A8-3CE99549675B} - \{FBB03403-4435-4D6C-B749-DEB66FFDBDB1} -> No File <==== ATTENTION
Task: {14027216-A724-488B-A1A8-2509B1951589} - \Microsoft_Hardware_Launch_devicecenter_exe -> No File <==== ATTENTION
Task: {211F968F-363B-4F5C-9998-DB72CD5BB890} - \{43148735-6D08-462E-8A2D-A2BED8FB1BEA} -> No File <==== ATTENTION
Task: {22810756-8480-4FAD-883D-FBEF5B2F72E7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {24FEFB76-2477-480A-92AD-B112928AF264} - \{A68FFA67-292F-4368-98CA-2E9A0A827772} -> No File <==== ATTENTION
Task: {4082F654-6FED-4DC2-9EE4-76FC04A34D74} - \PCSafePRO_Start -> No File <==== ATTENTION
Task: {45E5DE3B-1195-4DAF-AEB3-564EBB627774} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-851422437-3431464140-778240321-1000Core => C:\Users\Karen McKinnis\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {460E95D9-3FEB-40B9-A815-327B8C7A2D07} - \{CCFF6434-156E-4D41-AA85-1826B1945794} -> No File <==== ATTENTION
Task: {51F164DD-DE88-4228-960D-A52A93AD5540} - \{270F64CF-BBF4-4AAA-BD43-868E3BB8AB94} -> No File <==== ATTENTION
Task: {5F76E66B-A38B-4DAC-9C78-9C62DEE86E04} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2015-11-04] ()
Task: {66861258-FA96-4F39-9D2B-F99439677543} - \YourFile DownloaderUpdate -> No File <==== ATTENTION
Task: {787E823C-B0D3-40D3-AB96-18E7C21D3E9A} - \RealUpgradeLogonTaskS-1-5-21-851422437-3431464140-778240321-1000 -> No File <==== ATTENTION
Task: {798092B1-E41C-491F-8A4D-0F2134143614} - \{4B970EA6-9BDE-40DE-9E2A-4FC72BF5EBD1} -> No File <==== ATTENTION
Task: {83A8799A-FE1C-4766-86FD-B56D3A5367CA} - \Spybot - Search & Destroy - Scheduled Task -> No File <==== ATTENTION
Task: {8460CDA7-D46A-4B06-A882-8DB16D3D87D2} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-851422437-3431464140-778240321-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.)
Task: {8D7EA35B-5E4E-40A4-B24C-55C8B2F36AC2} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-851422437-3431464140-778240321-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.)
Task: {903087C8-D0BF-41AF-9457-A109C1604081} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\OSUpgrade => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RunHandleOSUpgrade
Task: {9035E000-8BD9-4241-B96D-A370B465F883} - \{26EC24DD-FA05-4025-8620-B043F77B17DB} -> No File <==== ATTENTION
Task: {980D9688-30C0-403D-8064-9FABC7A98C64} - \Microsoft_Hardware_Launch_mousekeyboardcenter_exe -> No File <==== ATTENTION
Task: {9D2B7B94-D522-477B-846A-256D6D10FBF3} - \Microsoft_MKC_Logon_Task_itype.exe -> No File <==== ATTENTION
Task: {A0CE6B2E-788C-43E5-8733-4986FF59C461} - \PCSafePRO_Popup -> No File <==== ATTENTION
Task: {A1605CE0-1E24-43C7-A6CC-33EECDFA630D} - \RealUpgradeScheduledTaskS-1-5-21-851422437-3431464140-778240321-1000 -> No File <==== ATTENTION
Task: {A850F9DC-88A1-4C6A-B3A7-D4682CB2D9DA} - \{F5E50DD1-523D-4D5B-8B61-D9F0F2F4DDC5} -> No File <==== ATTENTION
Task: {AB9CC5FE-E1E6-43F2-96EC-185E4832D74C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {AFE9D5E5-5568-4FC0-8970-F55299F84480} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\ConfigExec => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RunCollectConfigurationInfo
Task: {B5135A42-8E05-40B1-88E5-031180483391} - \Test TimeTrigger -> No File <==== ATTENTION
Task: {B7C1273F-16FE-4F68-8BBB-63A550AC7835} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\MatSvc\DataUpload => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RetryDataUpload
Task: {B9FAF1D9-6D73-4D72-99EE-B341C16522C6} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\ReportUpload => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RunUploadWinReports
Task: {BF13A229-932B-40A3-B3B9-33F915BED027} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe [2010-02-04] (Lexmark International Inc.)
Task: {C005D3A0-ABEE-44D2-8D69-C9D9EE5618A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C1C9B998-2022-4712-BCFB-085A924FD781} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-851422437-3431464140-778240321-1000UA => C:\Users\Karen McKinnis\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {C5FF9FBF-5A18-4B65-B189-009F691504B0} - \{D134A4FB-B31D-44E0-B93E-3C890C5545BC} -> No File <==== ATTENTION
Task: {D749846B-79C4-45C8-BE37-F658B18A5CB8} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {D915A784-DDD7-422C-8C2C-0C0AAC59421D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {DACC143D-8033-41D2-A0E0-3B3BCF735835} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {E06B8B9A-E1A0-4A88-830A-6CB96A224F91} - \Microsoft_Hardware_Launch_itype_exe -> No File <==== ATTENTION
Task: {F3DADA61-1C49-419E-9649-EB08240C6BD3} - \{95019DFA-8101-43E1-B474-8FAFC21F4605} -> No File <==== ATTENTION
Task: {FE4B978F-E7D6-4908-BFD7-A15AA6A448E2} - \Microsoft_Hardware_Launch_ipoint_exe -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-851422437-3431464140-778240321-1000Core.job => C:\Users\Karen McKinnis\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-851422437-3431464140-778240321-1000UA.job => C:\Users\Karen McKinnis\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job => C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2011-09-01 20:17 - 2009-08-13 12:06 - 00177152 _____ () C:\windows\system32\spool\PRTPROCS\x64\lxdndrpp.dll
2013-05-13 18:44 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-11-04 15:20 - 2015-11-04 15:20 - 00033088 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2009-05-14 13:47 - 2009-05-14 13:47 - 00025088 _____ () C:\windows\system32\lxdncaps64.dll
2009-07-23 19:54 - 2009-07-23 19:54 - 01024512 _____ () C:\windows\system32\lxdndrs64.dll
2007-10-02 14:51 - 2007-10-02 14:51 - 00054784 _____ () C:\windows\system32\lxdncnv464.dll
2009-05-27 09:02 - 2009-05-27 09:02 - 01401856 _____ () C:\windows\system32\spool\DRIVERS\x64\3\lxdnptpc.dll
2009-08-13 12:07 - 2009-08-13 12:07 - 00195072 _____ () C:\windows\system32\spool\DRIVERS\x64\3\lxdndrui.dll
2009-08-13 12:05 - 2009-08-13 12:05 - 00273408 _____ () C:\windows\system32\spool\DRIVERS\x64\3\lxdndr.dll
2015-11-04 13:28 - 2015-11-04 13:28 - 00719632 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2015-07-14 15:35 - 2015-07-14 15:35 - 00030720 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2015-11-24 16:02 - 2015-11-24 16:02 - 00604288 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2015-07-14 15:36 - 2015-07-14 15:36 - 00059392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2015-07-14 15:35 - 2015-07-14 15:35 - 00035864 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2015-07-14 15:36 - 2015-07-14 15:36 - 00079888 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2015-07-14 15:37 - 2015-07-14 15:37 - 00129016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2015-07-14 15:39 - 2015-07-14 15:39 - 00223240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2015-11-04 15:20 - 2015-11-04 15:20 - 00037720 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2015-11-04 15:19 - 2015-11-04 15:19 - 00039768 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2015-11-04 15:20 - 2015-11-04 15:20 - 00037728 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2015-11-04 13:20 - 2015-11-04 13:20 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2015-07-18 08:55 - 2015-12-10 07:42 - 00653608 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll
2015-11-04 13:28 - 2015-11-04 13:28 - 00077584 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2015-12-08 19:50 - 2015-12-04 14:32 - 01583432 _____ () C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\47.0.2526.80\libglesv2.dll
2015-12-08 19:50 - 2015-12-04 14:32 - 00081224 _____ () C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\47.0.2526.80\libegl.dll
2015-12-08 19:50 - 2015-12-04 14:32 - 16573256 _____ () C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\47.0.2526.80\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:4BB26BE9
AlternateDataStreams: C:\ProgramData\TEMP:AA9519A6
AlternateDataStreams: C:\ProgramData\TEMP:F4921BC9
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7783 more sites.
IE trusted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\microsoft.com -> hxxp://office.microsoft.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-851422437-3431464140-778240321-1000\...\123simsen.com -> www.123simsen.com
There are 7783 more sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-851422437-3431464140-778240321-1000\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-851422437-3431464140-778240321-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\comp admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-851422437-3431464140-778240321-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Guest.KarenMcKinnis\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Freemake Improver => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: RealPlayerUpdateSvc => 2
MSCONFIG\Services: RealTimes Desktop Service => 2
MSCONFIG\Services: TappInAgent => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk.disabled => C:\windows\pss\McAfee Security Scan Plus.lnk.disabled.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Karen McKinnis^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Karen McKinnis^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Socialbox.lnk => C:\windows\pss\Socialbox.lnk.Startup
MSCONFIG\startupreg: (default) =>
MSCONFIG\startupreg: 00TCrdMain => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: BingDesktop => c:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: CA74985D9AF18030BF22B5025D7C5C1DFED33CD9._service_run => "C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DW6 => "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
MSCONFIG\startupreg: EzPrint => "C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Karen McKinnis\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_8FCAB53A557408FE6A58F9DDE3A544E7 => "C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
MSCONFIG\startupreg: Intel AppUp(SM) center => "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
MSCONFIG\startupreg: Intel AppUp(SM) center Systray => "C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe" --domain F0399437-FD0C-4A48-B101-F0314A6172E4 --openmode trayicon
MSCONFIG\startupreg: Intel AppUp(SM) center_Nagware => "C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.lnk"
MSCONFIG\startupreg: IntelliType Pro => "C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: lxdnamon => "C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe"
MSCONFIG\startupreg: lxdnmon.exe => "C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: MusicManager => "C:\Users\Karen McKinnis\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: PSUAMain => "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Karen McKinnis\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Karen McKinnis\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: VNT => C:\Program Files (x86)\VNT\vntldr.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7FCA74BA-F136-4E24-8B65-1DAE2C5A40EE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EB20C4E5-739F-4FEF-9849-D5923D807933}] => (Allow) LPort=2869
FirewallRules: [{A17F1F14-DA92-474F-8B09-17ADE5CE7063}] => (Allow) LPort=1900
FirewallRules: [{24FBD22E-FDFB-41E8-81F9-A221F15C95D6}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{DE901B0C-E238-48A0-865B-E5B7B0A6F7E5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{78584274-F6A9-454E-8492-5D5DE3547B64}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{9C1133CB-BA47-4B42-BFF3-772792176C35}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{E5BBC32E-9E02-4753-BC37-94A53E2BFCE6}] => (Allow) LPort=7000
FirewallRules: [{5E3E7C2B-F3F9-4D44-AD86-C253B15E3353}] => (Allow) LPort=7000
FirewallRules: [TCP Query User{C61187D2-2447-4158-8033-9DD8B527392F}C:\program files (x86)\soundspectrum\g-force\g-force standalone.exe] => (Allow) C:\program files (x86)\soundspectrum\g-force\g-force standalone.exe
FirewallRules: [UDP Query User{5C581281-C62E-4073-993F-E05FF7BCAE3F}C:\program files (x86)\soundspectrum\g-force\g-force standalone.exe] => (Allow) C:\program files (x86)\soundspectrum\g-force\g-force standalone.exe
FirewallRules: [{D25A8072-C6D6-4195-81D0-62832E1D1481}] => (Allow) C:\Users\Karen McKinnis\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{22D602BD-5DD1-4F69-91AE-3766279A81C9}] => (Allow) C:\Users\Karen McKinnis\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{DEA854F0-9085-466C-B5D1-9A7C618272E6}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdnjswx.exe
FirewallRules: [{D9B8B402-057E-4951-96A2-9C9086C49746}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdnjswx.exe
FirewallRules: [TCP Query User{F5B1BF57-5BF3-41FE-89CF-8C670705E9BD}C:\program files (x86)\lexmark 2600 series\lxdnmon.exe] => (Allow) C:\program files (x86)\lexmark 2600 series\lxdnmon.exe
FirewallRules: [UDP Query User{4346C047-031A-4F84-814B-CB8131734324}C:\program files (x86)\lexmark 2600 series\lxdnmon.exe] => (Allow) C:\program files (x86)\lexmark 2600 series\lxdnmon.exe
FirewallRules: [{BAFAFF8E-AD6D-47E5-83DC-97A3F29E27C3}] => (Allow) C:\Windows\SysWOW64\lxdncoms.exe
FirewallRules: [{9036EBBA-39C6-43EA-9C22-47CB1414653F}] => (Allow) C:\Windows\SysWOW64\lxdncoms.exe
FirewallRules: [{FE70B963-A4E6-4955-A8CD-03F28BCE5ED8}] => (Allow) C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe
FirewallRules: [{71234215-3680-429A-B552-93BE69960E5E}] => (Allow) C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe
FirewallRules: [{C861787F-8887-4CF9-96CB-3697E58DCCAA}] => (Allow) C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe
FirewallRules: [{B88F9419-7212-46A9-B94B-81BD162D5A35}] => (Allow) C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe
FirewallRules: [{8CC6E6E9-77AF-40CC-9B81-C04579FF7218}] => (Allow) C:\Program Files (x86)\Lexmark 2600 Series\frun.exe
FirewallRules: [{019731D3-FD45-45BB-8DF7-128C6561AACF}] => (Allow) C:\Program Files (x86)\Lexmark 2600 Series\frun.exe
FirewallRules: [{61716BBA-9216-4753-A278-E51290EA71F7}] => (Allow) C:\Program Files (x86)\Lexmark 2600 Series\lxdntime.exe
FirewallRules: [{5BCAFB65-A514-48A3-A488-697ADBC9259B}] => (Allow) C:\Program Files (x86)\Lexmark 2600 Series\lxdntime.exe
FirewallRules: [{4DAC1466-318B-477A-BD48-C546B16FED5C}] => (Allow) C:\Windows\System32\lxdncoms.exe
FirewallRules: [{3B6EA9E4-AC3E-4D15-80D4-185A5871C664}] => (Allow) C:\Windows\System32\lxdncoms.exe
FirewallRules: [{10A32C7F-3CE4-42E3-8B30-5231143BE947}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdnpswx.exe
FirewallRules: [{9BC2D15B-127D-4232-9EFD-6665A9D39D4E}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxdnpswx.exe
FirewallRules: [TCP Query User{AB546C4F-CEF3-4AF8-89E2-23B5515665D4}C:\users\karen mckinnis\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\karen mckinnis\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DE4ED9AF-621F-4DD5-84A2-EE35AF13FA82}C:\users\karen mckinnis\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\karen mckinnis\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A808EE16-6968-4DD9-8E77-BE1F1349FC45}] => (Allow) C:\Program Files (x86)\Lexmark 2600 Series\Diagnostics\LXDNdiag.exe
FirewallRules: [{9D714269-38C3-4FF7-BB67-838BDEE85A8A}] => (Allow) C:\Program Files (x86)\Lexmark 2600 Series\Diagnostics\LXDNdiag.exe
FirewallRules: [TCP Query User{349971DF-9EB4-4218-9613-D5FDBE9D7211}C:\program files (x86)\soundspectrum\g-force\g-force v-bar.exe] => (Allow) C:\program files (x86)\soundspectrum\g-force\g-force v-bar.exe
FirewallRules: [UDP Query User{6AF36AC2-190E-4B61-8D80-2964F32AB8AF}C:\program files (x86)\soundspectrum\g-force\g-force v-bar.exe] => (Allow) C:\program files (x86)\soundspectrum\g-force\g-force v-bar.exe
FirewallRules: [{0FB121D4-96A4-4060-BF1C-3F8084ECD024}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{C5498301-7B8B-4EF0-B5A9-7E4A2ED5E140}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{B7581333-6081-4A6E-BF5B-642680376DD2}C:\program files (x86)\lexmark 2600 series\frun.exe] => (Allow) C:\program files (x86)\lexmark 2600 series\frun.exe
FirewallRules: [UDP Query User{D01D4F4F-AA0D-4049-9411-49B9D62B103A}C:\program files (x86)\lexmark 2600 series\frun.exe] => (Allow) C:\program files (x86)\lexmark 2600 series\frun.exe
FirewallRules: [TCP Query User{5EA905FC-3BE4-41E4-B125-F75829BDAE0B}C:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe] => (Allow) C:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe
FirewallRules: [UDP Query User{4C0FBB50-5291-44BC-A285-B25B0369930C}C:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe] => (Allow) C:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe
FirewallRules: [{650DB092-FFFE-40FC-8707-B57BE1599707}] => (Allow) C:\Program Files (x86)\Toolbar Cleaner\ToolbarCleaner.exe
FirewallRules: [{D7AEABDF-0C71-4DC5-8195-A7F859AF6AAE}] => (Allow) C:\Program Files (x86)\Toolbar Cleaner\ToolbarCleaner.exe
FirewallRules: [{EE63225E-2E1C-4578-9CDA-1FF951B00D7D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5346DFFF-F7D4-457E-9FA5-5B221B91E0FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AA3295E4-DEB2-42C0-B545-3391EC5F18C9}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{65B3139C-645D-450A-8940-48BC82AE5AF2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F95C95B6-57D7-4D9B-8B26-6407839C8459}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F35BE0AE-15C2-4085-A046-E07382B8AB57}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{BC6354C0-06AB-403C-9632-0340DE6A6A79}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{9CE03297-2C28-488D-AA07-6CC8D8292CC7}] => (Allow) C:\Users\Karen McKinnis\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{B90B4F6A-B9F5-46FC-813C-477D357848EB}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
==================== Faulty Device Manager Devices =============
Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/11/2015 09:23:42 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/11/2015 09:23:42 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/11/2015 09:23:42 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/11/2015 09:23:42 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Error: (12/11/2015 09:23:33 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/11/2015 09:23:32 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
Context: Windows Application, SystemIndex Catalog
Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)
Error: (12/11/2015 09:23:32 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/11/2015 09:23:32 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/11/2015 09:23:32 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.
Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))
Error: (12/11/2015 09:23:31 AM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (4088) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00098.log.
System errors:
=============
Error: (12/12/2015 01:09:34 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (12/12/2015 12:39:33 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (12/12/2015 11:39:32 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (12/12/2015 09:39:28 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (12/12/2015 08:39:25 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (12/12/2015 12:15:33 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (12/11/2015 01:00:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
Error: (12/11/2015 12:58:34 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (12/11/2015 11:59:54 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.0.3192.168.137.0255.255.255.0
Error: (12/11/2015 11:59:54 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
==================== Memory info ===========================
Processor: Intel® Celeron® CPU 925 @ 2.30GHz
Percentage of memory in use: 67%
Total physical RAM: 2939.98 MB
Available physical RAM: 953.19 MB
Total Virtual: 5878.16 MB
Available Virtual: 2965.38 MB
==================== Drives ================================
Drive c: (TI106034W0C) (Fixed) (Total:221.24 GB) (Free:153.24 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive i: (TOSHIBA HDD) (Fixed) (Total:931.28 GB) (Free:750.02 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 5FBA0294)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=221.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10.2 GB) - (Type=17)
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B86F9514)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)
==================== End of Addition.txt ============================