Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows 7 Home 32bit iexplorer.exe using lots of memory and lagging

iexplore memory

  • Please log in to reply

#1
Julsal4745

Julsal4745

    New Member

  • Member
  • Pip
  • 1 posts

I have been experiencing increased lag on my machine, and have opened task manager to find iexplore.exe is using +500MB or more of memory and continues to climb when I'm using it for email or anything really.  I have already tried to un all the recommended malware removal and still same issue? 

 

I need help to figure out what is killing my machine and iexplore.exe? 

 

See below the Farbar.txt, also attached. 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-10-2017 01
Ran by Salinas (20-10-2017 12:44:34)
Running from C:\Users\Salinas\Downloads\IExplore Fix Tools
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2010-06-14 02:58:33)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3647659584-1139991080-2781195243-500 - Administrator - Disabled)
Dora (S-1-5-21-3647659584-1139991080-2781195243-1006 - Limited - Enabled) => C:\Users\Dora
Guest (S-1-5-21-3647659584-1139991080-2781195243-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-3647659584-1139991080-2781195243-1005 - Limited - Enabled)
Lily & June (S-1-5-21-3647659584-1139991080-2781195243-1009 - Limited - Enabled) => C:\Users\Lily & June
Salinas (S-1-5-21-3647659584-1139991080-2781195243-1004 - Administrator - Enabled) => C:\Users\Salinas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2012 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AV: Panda Protection (Enabled - Up to date) {46AEFD02-ACA3-E038-1FA5-4A15EFD361E0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Protection (Enabled - Up to date) {FDCF1CE6-8A99-EFB6-2515-716794542B5D}
AS: AVG AntiVirus Free Edition 2012 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: Panda Firewall (Disabled) {7E957C27-E6CC-E160-34FA-E3201100269B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AC3Filter 1.62b (HKLM\...\AC3Filter_is1) (Version: 1.62b - Alexander Vigovsky)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
AI Suite 3 (HKLM\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.68 - ASUSTeK Computer Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\Akamai) (Version:  - Akamai Technologies, Inc)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
AMD Catalyst Install Manager (HKLM\...\{6B3D4724-5D7A-4C43-1036-6AE7E822E3C7}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Asmedia USB Host Controller Driver (HKLM\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.23.0 - Asmedia Technology)
ASUS Product Register Program (HKLM\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
ATI Catalyst Registration (HKLM\...\{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}) (Version: 3.00.0000 - ATI Technologies Inc.) Hidden
Autodesk Material Library 2013 (HKLM\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Navisworks Freedom 2013 (HKLM\...\{F71A14BF-3695-0000-896C-53FA12C46719}) (Version: 10.1.879.81 - Autodesk) Hidden
Autodesk Navisworks Freedom 2013 (HKLM\...\Autodesk Navisworks Freedom 2013) (Version: 10.1.879.81 - Autodesk)
Autodesk Navisworks Freedom 2013 English Language Pack (HKLM\...\{F71A14BF-3695-0409-896C-53FA12C46719}) (Version: 10.1.879.81 - Autodesk) Hidden
Autodesk Navisworks Freedom 2013 English Language Pack (HKLM\...\Autodesk Navisworks Freedom 2013 English Language Pack) (Version: 10.1.879.81 - Autodesk)
AVG (HKLM\...\AvgZen) (Version: 1.116.3.1052 - AVG Technologies)
AVG 2011 (HKLM\...\{4EB34322-B940-46EB-810E-68E71A819269}) (Version: 10.0.1152 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{03DB8950-C7BD-4CB2-923C-8550D6D059FF}) (Version: 12.1.2265 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{18FB0F02-B07D-4826-AC69-99F6B2C10DFA}) (Version: 12.0.4311 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2265 - AVG Technologies)
AVG Zen (HKLM\...\{3D8C5CBA-DDCF-44CE-AD7D-B0AEF74E989E}) (Version: 1.116.2 - AVG Technologies) Hidden
Bluebeam Localization (HKLM\...\{FAC9853A-E045-499E-A08A-DAFAA698CA3F}) (Version: 12.6.0 - Bluebeam Software, Inc.) Hidden
Bluebeam Revu 12 International (HKLM\...\{8C284678-3F62-48F1-8B2C-2B102D2D6867}) (Version: 12.6.0 - Bluebeam Software) Hidden
Bluebeam Revu 12 International (HKLM\...\InstallShield_{8C284678-3F62-48F1-8B2C-2B102D2D6867}) (Version: 12.6.0 - Bluebeam Software)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.00 - Canon Inc.)
Canon MG2900 series On-screen Manual (HKLM\...\Canon MG2900 series On-screen Manual) (Version: 7.7.0 - Canon Inc.)
Canon MG2900 series User Registration (HKLM\...\Canon MG2900 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.109.0.64 - Conexant)
Crimson 2.0 (HKLM\...\{32E9A3BF-1DB4-490E-A285-44457B81416F}) (Version:  - )
Crimson 3.0 (HKLM\...\{9168C4E8-1A1B-4690-8D95-575982A7F45B}) (Version: 3.2.227 - Red Lion Controls Inc.)
DivX 4.0 Final Codec (HKLM\...\DIVXCodec) (Version:  - )
DivX 5.0 Pro Bundle (HKLM\...\DivX 5.0 Pro Bundle) (Version:  - )
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.224 - DivX, LLC)
dupeGuru (HKLM\...\{926F26B2-8CCD-42C2-8F5A-A3F9E682BC62}) (Version: 3.8.0 - Hardcoded Software)
ffdshow [rev 2527] [2008-12-19] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
FMW 1 (HKLM\...\{A2B92392-DC17-416B-88F6-A6A55E053E32}) (Version: 1.143.3 - AVG Technologies) Hidden
Google Drive (HKLM\...\{AC117AF9-316B-4E1D-959E-F0EB85B0DC5F}) (Version: 2.34.7100.0000 - Google, Inc.)
Google Earth Pro (HKLM\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Photos Backup (HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.135 - Google Inc.) Hidden
Internet TV for Windows Media Center (HKLM\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Lenovo DirectShare (HKLM\...\{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version:  - ArcSoft)
Lenovo Service Bridge (HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lynda.com Desktop App (HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\6043ff57df569209) (Version: 1.3.3.90 - Lynda.com)
marvell 91xx driver (HKLM\...\MagniDriver) (Version: 1.0.0.1034 - Marvell)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{56B4002F-671C-49F4-984C-C760FE3806B5}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mpeg Layer3 Codec FHG-Radium v1.263 (HKLM\...\Mp3 Codec) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Netflix in Windows Media Center (HKLM\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
OpenOffice 4.1.2 (HKLM\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Panda Devices Agent (HKLM\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
Panda Protection (HKLM\...\{2DE1F55B-B8FC-4ACF-8EB2-A38056C8E476}) (Version: 8.91.00 - Panda Security) Hidden
Panda Protection (HKLM\...\Panda Universal Agent Endpoint) (Version: 18.1.0 - Panda Security)
PandoraRecovery (Remove Only) (HKLM\...\PandoraRecovery) (Version:  - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d4 - CyberLink Corp.)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RealDownloader (HKLM\...\{2275115D-1431-4A62-A98F-2F0393815327}) (Version: 18.1.9.106 - RealNetworks, Inc.) Hidden
RealDownloader (HKLM\...\{45bcec97-14a2-4e10-a129-58d2d0b34398}) (Version: 18.1.9.106 - RealNetworks) Hidden
RealDownloader (HKLM\...\{85584A8B-8989-42AA-81A0-80ABF61EFAF1}) (Version: 18.1.9.106 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM\...\RealPlayer 18.1) (Version: 18.1.9 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
ScottradeELITE v5 (HKLM\...\{7E94DCE4-F1F3-47AF-A2D4-8A81008D9B1F}) (Version: 5.3.0.0 - Scottrade Inc.)
SketchUp 2016 (HKLM\...\{F8F51164-606F-45A2-B706-10B0329BF740}) (Version: 16.1.1450 - Trimble Navigation Limited)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Imagination Station (remove only) (HKLM\...\The Imagination Station) (Version:  - )
The Lord of the Rings FREE Trial  (HKLM\...\{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
The Rosetta Stone (HKLM\...\The Rosetta Stone) (Version:  - )
UpdateService (HKLM\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
USB Electronic Scale (HKLM\...\{D1E777C3-B26E-4E91-8B09-0A19B259A805}) (Version: 1.00.4000 - NA)
vc2012_redist (HKLM\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Video Downloader (HKLM\...\{4C68AE5C-915A-492A-AFCD-B630ECB9522D}) (Version: 18.1.9 - RealNetworks) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
vs2015_redist x86 (HKLM\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows Driver Package - Red Lion Controls (HMI) USB  (01/13/2010 1.0.0.6) (HKLM\...\BEA29C59F1C197E983C09C30CB847015F2B4535D) (Version: 01/13/2010 1.0.0.6 - Red Lion Controls)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Center Add-in for Flash (HKLM\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version:  - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B08 - ZTE Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{01971695-16C8-4886-9742-ADC79A269444}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Salinas\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.30.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.31.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{6E1B07CC-8C0F-46F1-B993-FA20D1C368C3}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.29.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.32.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{DEF63C56-2AB9-4284-A400-CDD81AED639E}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-10-09] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-10-09] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-10-09] (Google)
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files\AVG\AVG2012\avgse.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2017-05-25] (DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2017-05-25] (DivX, LLC)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-10-09] (Google)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files\Panda Security\Panda Security Protection\PSUAShell.dll [2017-02-22] (Panda Security, S.L.)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files\real\realplayer\RPDS\Bin\rpcontextmenu.dll [2017-10-03] (RealNetworks, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-10-09] (Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2014-02-15] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files\Panda Security\Panda Security Protection\PSUAShell.dll [2017-02-22] (Panda Security, S.L.)
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files\AVG\AVG2012\avgse.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files\Panda Security\Panda Security Protection\PSUAShell.dll [2017-02-22] (Panda Security, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07D40AFA-0247-47F4-8297-602863BA84C5} - \{2D52A9F6-0520-4318-9B5B-C15D9F3BBF76} -> No File <==== ATTENTION
Task: {09D34BC8-A36D-4DC8-91D9-D3A60D007F4C} - \{E813BD99-D0AA-40FE-A215-30C7E52D796A} -> No File <==== ATTENTION
Task: {0A15F273-59A5-4447-B4A2-027EBA215D3E} - \{76A0FA97-5123-4C7B-8530-F71D4B9DBB0E} -> No File <==== ATTENTION
Task: {0F72386D-66EC-436F-80D7-427D6F3AA8EC} - \{8E52FD58-3EC2-4207-BD96-7B68C7201B79} -> No File <==== ATTENTION
Task: {1164C104-4C07-4D03-9374-D686636CB4FE} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3647659584-1139991080-2781195243-1004 => C:\program files\real\RealDownloader\realupgrade.exe [2017-08-17] (RealNetworks, Inc.)
Task: {1A54337D-4FD2-4A29-A946-C839DD3054B3} - \RealUpgradeLogonTaskS-1-5-21-3647659584-1139991080-2781195243-1006 -> No File <==== ATTENTION
Task: {1C543C63-9487-4C41-9A13-E7280BC87C5F} - \RealUpgradeScheduledTaskS-1-5-21-3647659584-1139991080-2781195243-1006 -> No File <==== ATTENTION
Task: {1CCFEA1C-E1F5-4458-ABBD-ED3B616B3253} - \RealUpgradeScheduledTaskS-1-5-21-3647659584-1139991080-2781195243-1004 -> No File <==== ATTENTION
Task: {2656F34F-AF4A-458C-9CCD-E862F5F09B6A} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {2B5F6373-88E9-40BD-81FC-0A9EB6FB9DFD} - \{B4650410-25B6-4377-B01B-90F4EB4C1B0B} -> No File <==== ATTENTION
Task: {2DD9D344-DF9E-436C-9478-51A39A5D7E68} - System32\Tasks\DivXUpdate => C:\Program Files\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-05-26] (DivX, LLC)
Task: {32552979-7C40-4360-81D3-279DF5AF382E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3647659584-1139991080-2781195243-1006UA => C:\Users\Dora\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-22] (Google Inc.)
Task: {34E4D202-C757-4C70-8F3F-42C32E220B55} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3647659584-1139991080-2781195243-1006Core => C:\Users\Dora\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-22] (Google Inc.)
Task: {39977318-BBDF-4F10-889B-593C74B4FDA6} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-02-11] ()
Task: {4492EC65-DDF6-4E23-93D7-07216E14326C} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {4492EC65-DDF6-4E23-93D7-07216E14326C} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\windows\system32\GWX\GWXDetector.exe [2016-03-21] (Microsoft Corporation)
Task: {4FA96EA3-EE25-41E9-AE1E-F6606A755B88} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3647659584-1139991080-2781195243-1004 => "C:\windows\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Salinas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {522763DF-9354-474E-A4F7-EE8A187E093E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {522763DF-9354-474E-A4F7-EE8A187E093E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\windows\system32\GWX\GWXDetector.exe [2016-03-21] (Microsoft Corporation)
Task: {5E22B1A3-F184-4F0A-88BB-94C61F6A6A60} - \{A50800C1-7FBC-47D3-9376-F023B1EA7E81} -> No File <==== ATTENTION
Task: {5E3F1E69-3213-4E3B-B1EA-E98A4705DCDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-20] (Google Inc.)
Task: {61D3FD90-2C5C-478A-9FF8-BD8C41D61E7B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3647659584-1139991080-2781195243-1004Core => C:\Users\Salinas\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-21] (Google Inc.)
Task: {66DE95D1-A56D-4BA2-9E4A-848444C83768} - System32\Tasks\RealDownloader Update Check => C:\program files\real\RealDownloader\downloader2.exe [2017-08-17] ()
Task: {67B476C3-0206-4A89-9B53-DBD41FB07FBD} - \RealPlayerRealUpgradeLogonTaskS-1-5-21-3647659584-1139991080-2781195243-1006 -> No File <==== ATTENTION
Task: {711F4EC8-ECFD-43E6-AE92-8A233ACE1875} - System32\Tasks\ASUS\Ez Update => C:\Program Files\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2014-01-07] ()
Task: {78EFAC36-0B5E-45CB-AD6B-DA2AE8B47099} - \{C2333ED9-6BD4-4EDC-A0FA-ECB32F29E68D} -> No File <==== ATTENTION
Task: {798278B5-E1E5-4C0A-BEF6-77A61178DDC1} - \RealUpgradeLogonTaskS-1-5-21-3647659584-1139991080-2781195243-1004 -> No File <==== ATTENTION
Task: {8227C4FD-BECB-42C0-93D1-374F63E8CD0F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3647659584-1139991080-2781195243-1004UA => C:\Users\Salinas\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-21] (Google Inc.)
Task: {832CB181-2A09-4EE2-9991-5C44C870A6E3} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {832CB181-2A09-4EE2-9991-5C44C870A6E3} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {832CB181-2A09-4EE2-9991-5C44C870A6E3} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\windows\system32\GWX\GWXDetector.exe [2016-03-21] (Microsoft Corporation)
Task: {8B8FF742-CF2B-4F5B-A7F9-044E5E864186} - \{5E122F1D-DE60-4F5F-BC72-AEBD7C25C8BE} -> No File <==== ATTENTION
Task: {9305F254-5184-4C96-8491-5DF3BDAAF217} - \{926EC70A-65DB-4439-A21F-7A8BF1B1AF3D} -> No File <==== ATTENTION
Task: {964A762F-91B8-4A73-94F9-5CD431ACD937} - \{AC109C08-2AEA-4C45-A0FC-BD9805790AB4} -> No File <==== ATTENTION
Task: {A44FF339-E459-4F10-A67D-EC376D0265FB} - \Launch FutureDial Suite -> No File <==== ATTENTION
Task: {A512BD05-38A7-48FD-A763-10F02589E818} - System32\Tasks\RealCreateProcessScheduledTask532743492S-1-5-21-3647659584-1139991080-2781195243-1004 => c:\program files\real\realplayer\realplay.exe [2017-10-03] (RealNetworks, Inc.)
Task: {ACEAFEA1-C3D3-4B23-B762-884887A9178E} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3647659584-1139991080-2781195243-1004 => C:\program files\real\RealDownloader\realupgrade.exe [2017-08-17] (RealNetworks, Inc.)
Task: {AD56AE9C-D367-4397-9E6D-A18E98F41C45} - \{425EBCAA-45E1-40D6-85BB-40FA10120C10} -> No File <==== ATTENTION
Task: {AD738F2A-DC81-405C-A423-03C82EB23E7D} - System32\Tasks\{D8D08D56-CAED-411A-B1B9-FB5B6CED9303} => C:\windows\system32\pcalua.exe -a C:\Users\Salinas\AppData\Local\Temp\jre-8u121-windows-au.exe -d C:\windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {C5C7D3F7-C54C-4761-9568-8D89A9330EC3} - \RealPlayerRealUpgradeScheduledTaskS-1-5-21-3647659584-1139991080-2781195243-1006 -> No File <==== ATTENTION
Task: {C879B86B-7994-4B32-ABC6-2FA5A0253E94} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {CB3BABA2-08E7-470C-AFB0-0F3196D38153} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {CF846262-5A28-4C09-BB57-4A9E9B013A0C} - \{2C9C54F8-3E73-4C1F-B70C-0D101E6FE2FF} -> No File <==== ATTENTION
Task: {D0D5CB4A-3542-4C51-8915-07DBCC4C02DB} - \SidebarExecute -> No File <==== ATTENTION
Task: {D4F9C58E-85A9-42C8-8DD0-1BE2E844E59D} - \{84086116-D8E0-458F-AAA2-AF3E323BCEC3} -> No File <==== ATTENTION
Task: {D66ADAC2-3981-498C-ACCF-5CA5EB8EB791} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-20] (Google Inc.)
Task: {E0A29640-A63F-4E88-B717-4EE89D69199A} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files\ASUS\AI Suite III\AISuite3.exe [2014-02-11] (ASUSTeK Computer Inc.)
Task: {E3DCA757-2D56-48C2-9261-9ACBB5CF6D3B} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {E3DCA757-2D56-48C2-9261-9ACBB5CF6D3B} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\windows\system32\GWX\GWXDetector.exe [2016-03-21] (Microsoft Corporation)
Task: {F3AAA26B-A2E7-4FBA-A758-4CD1B9CD5A7D} - \{45632D27-311F-4476-8233-1A4BC12E9B07} -> No File <==== ATTENTION
Task: {F50C2D0C-B931-4AA6-B953-AB24DA3AF988} - \{8CB4BBE0-3DA4-4079-8154-47FA9EB1CC23} -> No File <==== ATTENTION
Task: {FAC4618C-61DA-4711-938A-22A6BAC3AC1E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-01-28 06:16 - 2014-01-28 06:16 - 000936728 ____N () C:\Program Files\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-03-20 23:08 - 2017-10-20 12:29 - 000025600 _____ () C:\Program Files\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-03-20 23:08 - 2014-01-28 06:16 - 000104448 ____N () C:\Program Files\ASUS\AXSP\1.01.02\ATKEX.dll
2016-03-22 19:45 - 2013-06-28 10:58 - 000084616 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2015-12-15 12:17 - 2015-12-15 12:17 - 000618544 _____ () C:\Program Files\Panda Security\Panda Security Protection\SQLite3.dll
2016-03-20 23:10 - 2014-02-11 21:22 - 001226520 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2016-03-20 23:10 - 2014-02-11 21:22 - 000685056 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2016-03-20 23:10 - 2014-02-11 21:22 - 000858112 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2016-03-20 23:10 - 2014-02-11 21:22 - 000766976 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2016-03-20 23:10 - 2014-02-11 21:22 - 000807936 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2016-03-20 23:09 - 2014-01-07 10:36 - 001427768 _____ () C:\Program Files\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2016-03-20 23:09 - 2014-01-07 10:19 - 005778416 _____ () C:\Program Files\ASUS\AI Suite III\EZ Update\EzULIB.dll
2016-03-20 23:09 - 2010-06-21 15:21 - 000208896 _____ () C:\Program Files\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2016-03-20 23:09 - 2014-01-28 11:16 - 000091648 _____ () C:\Program Files\ASUS\AI Suite III\Log4cxxWrapper.dll
2016-03-20 23:09 - 2014-01-28 11:16 - 000147456 _____ () C:\Program Files\ASUS\AI Suite III\AssistFunc.dll
2016-03-20 23:09 - 2013-03-13 17:12 - 000870912 _____ () C:\Program Files\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2016-03-20 23:10 - 2014-02-13 23:08 - 003296256 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\dip4.dll
2016-03-20 23:09 - 2014-01-14 09:50 - 001138176 _____ () C:\Program Files\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2016-03-20 23:08 - 2014-01-28 06:16 - 000662016 ____R () C:\Program Files\ASUS\AAHM\1.00.22\aaHMLib.dll
2016-11-28 09:20 - 2016-11-28 09:20 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
2017-08-17 15:21 - 2017-08-17 15:21 - 001259704 _____ () C:\Program Files\Real\RealDownloader\downloader2.exe
2017-10-03 14:43 - 2017-10-03 14:43 - 000101200 _____ () c:\program files\real\realplayer\CrashRpt\CrashRpt1402.dll
2017-10-20 12:30 - 2017-10-20 12:30 - 000098816 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32api.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000110080 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\pywintypes27.dll
2017-10-20 12:30 - 2017-10-20 12:30 - 000364544 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\pythoncom27.dll
2017-10-20 12:30 - 2017-10-20 12:30 - 000320512 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32com.shell.shell.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000914432 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_hashlib.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 001176576 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._core_.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000806400 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._gdi_.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000816128 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._windows_.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 001067008 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._controls_.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000733184 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._misc_.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000682496 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\pysqlite2._sqlite.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000088064 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_ctypes.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000686080 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\unicodedata.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000119808 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32file.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000108544 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32security.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000007168 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\hashobjs_ext.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000017920 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\thumbnails_ext.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000088064 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\usb_ext.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000012800 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\common.time34.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000018432 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32event.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000167936 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32gui.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000046080 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_socket.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 001303552 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_ssl.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000128512 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_elementtree.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000127488 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\pyexpat.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000038912 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32inet.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000036864 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_psutil_windows.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000524248 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\windows._lib_cacheinvalidation.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000011264 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32crypt.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000123392 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._wizard.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000077312 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._html2.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000027648 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_multiprocessing.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000020480 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_yappi.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000035840 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32process.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000078848 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._animate.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000024064 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32pipe.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000010240 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\select.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000025600 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32pdh.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000017408 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32profile.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000022528 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32ts.pyd
2016-03-20 23:09 - 2014-01-28 11:16 - 000944952 _____ () C:\Program Files\ASUS\AI Suite III\ASUSMiniBar.exe
2016-03-20 23:10 - 2014-02-13 17:00 - 000733184 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\EPU.dll
2014-02-15 04:57 - 2014-02-15 04:57 - 000095744 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\100sexlinks.com -> 100sexlinks.com

There are 4791 more sites.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2017-10-20 11:43 - 000000027 _____ C:\windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Salinas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: SeaPort => 2
MSCONFIG\Services: vToolbarUpdater14.1.7 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupreg: ATICustomerCare => "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FAF6B61B-8BF9-4DC8-9BD3-0F9D0AEFF352}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{BC388E0F-A046-4EB8-90DC-A8A393AF31B1}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{D4DEBBF8-10D7-4C88-B1D6-4C2A8976C73F}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{BA8609B2-B910-4129-A46E-385298967ABA}] => (Allow) svchost.exe
FirewallRules: [{A2B83C6A-E52D-4CB8-823A-F40F363FBE9E}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{48DD4BB1-AF0F-4329-8B49-0E682B9DD81D}C:\users\salinas\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\salinas\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{ED37A6A7-F1F4-47A9-9990-651BF23AF68F}C:\users\salinas\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\salinas\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{75ACB6DE-17EE-4E2E-A1D8-6D923539271C}] => (Block) C:\users\salinas\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{9581E3EC-DBA6-4066-B91D-0CC29BD003B4}] => (Block) C:\users\salinas\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{899B24D0-29F3-4CEA-82A8-08050EFC57E0}] => (Allow) C:\Program Files\AirPort\APAgent.exe
FirewallRules: [{0831C664-DDC0-47D5-8E1A-FDDD1C594E07}] => (Allow) C:\Program Files\AirPort\APAgent.exe
FirewallRules: [TCP Query User{4355E49D-D502-40F3-9DC9-8B7B8CDB2AD4}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{53394A06-01D5-42F5-A4AA-D283FC779EC4}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{B04FE2AA-4A6E-43BD-86ED-7C4C3CCDB468}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{636BAD92-6998-4860-9428-5CE618364374}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [{6155EC48-F10A-4BF0-8EED-4490AA6B421A}] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{E75A8FA9-8CD2-4DD2-BB70-FFF1F1C3884A}] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{9A408AC4-5CA4-4EE1-ADA0-04CBC7DB6E88}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{DEE1F47A-DA52-4D8A-A633-0595666C6D63}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{6A07E39F-E51D-4308-9689-E8E8C4A77EBE}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{D20AF9E2-0EFE-44AD-9A5C-910D35393A03}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [TCP Query User{D700327B-5C41-4602-8606-A41EBD3E47AA}C:\users\salinas\appdata\local\temp\pyl8c9c.tmp\pyrun.exe] => (Allow) C:\users\salinas\appdata\local\temp\pyl8c9c.tmp\pyrun.exe
FirewallRules: [UDP Query User{E6969E5D-5B22-4A9B-86FA-EB8766F15886}C:\users\salinas\appdata\local\temp\pyl8c9c.tmp\pyrun.exe] => (Allow) C:\users\salinas\appdata\local\temp\pyl8c9c.tmp\pyrun.exe
FirewallRules: [{59D14B38-8445-448F-97C5-8C69E2E23305}] => (Allow) C:\Users\Salinas\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{9DD77DE8-D309-4EB2-93D5-E2EF3F70B2DD}] => (Allow) C:\Users\Salinas\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{2E8F63FE-0AA5-424C-AD3C-B98E4D7051EA}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{B4742B3D-9157-45A5-A666-51C5DD56D4AC}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{14D34471-D5C8-4921-A102-5F2A8500EECA}] => (Allow) C:\Users\Salinas\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{108E8856-0216-471D-AC41-ABCCC367E817}] => (Allow) C:\Users\Salinas\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [TCP Query User{2F6DD374-6EF6-4A9E-97D2-EE3A6FEB69DE}C:\users\salinas\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\salinas\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{1D8B4C97-A57D-4FB1-8EED-FA4AF1321E68}C:\users\salinas\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\salinas\appdata\local\akamai\netsession_win.exe
FirewallRules: [{FBCB71D3-6F03-4D00-9C84-150479B5751E}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{3BF473C7-4377-4717-B9D8-E9EB0D6D3A6F}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{5B4C64B6-95C2-413C-82FA-FF5C2AC63FEA}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{BD0DFD50-A69C-49AF-8467-6A5019C33C3B}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{C1DE5B49-1961-40DB-A7C9-16BBD77525C6}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{76F66654-AA49-4D36-B6EF-88387BE8CD2B}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{8949096D-43DC-4104-881B-847400613D2E}] => (Allow) C:\Users\Salinas\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{1FC1937F-089A-409D-B2A8-6B6A22710F84}] => (Allow) C:\Users\Salinas\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{F614FA5E-2CC7-4F97-9E3E-AB050AB2F156}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{D2279AA8-F8A7-46E3-A258-F6A39D087EC8}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{7D53B5EF-462F-41A6-A12A-902E38DD32B9}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{86DF060F-F1ED-4310-8D47-91F46D01BC16}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{636A3569-34EF-42D5-8F27-68BF97FEA46A}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{F4E650BE-BEEA-4985-AB8F-A8A9737D0BB8}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{22E06FAA-FEFB-4FD8-AAD7-BD7BFF178DAB}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{533D3237-BB00-407F-840E-134A8525B803}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{1AD97DE2-6DE2-4A16-B3E6-65E6F53D4EC8}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A691BC9F-6960-4CFD-B15A-4413FD659454}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
FirewallRules: [{C28F6953-CE26-42A8-A826-00AEE5099980}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
FirewallRules: [{DBD0C807-D9C5-4402-BE45-AB8A4E745710}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{D0F2D6C5-D4CD-4FDC-A5EA-186F3A1E8716}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{AD766A93-CAA2-41FD-961A-3D8479562C1F}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
FirewallRules: [{B8A163A2-3A11-4A50-B6AF-4C71E308EBDA}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
FirewallRules: [{1CC72E25-B5E2-4463-BE37-7288AB398663}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{F4668FFA-209E-431A-961F-9884BA9EAEF7}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [TCP Query User{70611CEE-4308-4EA1-8896-E81E776262F2}C:\users\dora\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\dora\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{DA944B13-EE0E-4DBD-AA35-142833499238}C:\users\dora\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\dora\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{FC95B944-FCE3-410F-908E-59168341D5B5}] => (Allow) C:\Users\Salinas\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{F558C409-F50E-47AD-92C5-2034FCBE389F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{07F7F679-DC1D-49E9-B4E8-4268BC76A1D0}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{C0F32A1C-B5AD-44A2-B334-AD79D822FB15}] => (Allow) LPort=49189
FirewallRules: [{6E1CB59E-8EB4-4791-A9E3-8240C9434C63}] => (Allow) LPort=5000
FirewallRules: [{927E25E1-E4CF-4810-88A9-42F6970798DF}] => (Allow) LPort=49203
FirewallRules: [{1AF377D2-F884-43E1-90FE-CC282BFC5F3A}] => (Allow) LPort=5000

==================== Restore Points =========================

16-10-2017 08:16:57 Windows Update
20-10-2017 12:12:01 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/20/2017 12:41:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PSANHost.exe, version: 4.0.2.0, time stamp: 0x58a00964
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x59fffdd3
Faulting process id: 0x94c
Faulting application start time: 0x01d349c9037605e5
Faulting application path: C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
Faulting module path: unknown
Report Id: f0d84921-b5bd-11e7-ae9e-2c56dc99dc67

Error: (10/20/2017 12:30:12 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070002.

Error: (10/20/2017 12:07:24 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070002.

Error: (10/20/2017 11:43:01 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070002.

Error: (10/20/2017 11:41:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PSANHost.exe, version: 4.0.2.0, time stamp: 0x58a00964
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x458dffff
Faulting process id: 0x95c
Faulting application start time: 0x01d349c1900c2c99
Faulting application path: C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
Faulting module path: unknown
Report Id: 87877b4a-b5b5-11e7-aeb8-2c56dc99dc67

Error: (10/20/2017 11:16:15 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070002

Error: (10/20/2017 11:10:10 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x800706be).

Error: (10/20/2017 10:16:15 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070002

Error: (10/20/2017 09:16:15 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070002

Error: (10/20/2017 08:16:14 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070002

System errors:
=============
Error: (10/20/2017 12:42:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Panda Protection Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (10/20/2017 12:29:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SQL Server VSS Writer service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/20/2017 12:29:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.

Error: (10/20/2017 12:29:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753637.

Error: (10/20/2017 12:28:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error:
The service did not start due to a logon failure.

Error: (10/20/2017 12:28:09 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error:
The request is not supported.

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (10/20/2017 12:27:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Panda Protection Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (10/20/2017 12:27:42 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/20/2017 12:27:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/20/2017 12:27:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

CodeIntegrity:
===================================
  Date: 2016-04-04 09:06:37.354
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-04 09:06:37.347
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-04 09:06:37.339
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-04 09:06:37.310
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-04 09:06:37.302
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-04 09:06:37.295
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-04 09:06:36.641
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\NNStlsc\NNStlsc.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-04 09:06:36.635
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\NNStlsc\NNStlsc.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-04 09:06:36.627
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\NNStlsc\NNStlsc.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-04 09:06:36.599
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\NNStlsc\NNStlsc.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD Athlon™ 5150 APU with Radeon™ R3
Percentage of memory in use: 75%
Total physical RAM: 2509.02 MB
Available physical RAM: 610.53 MB
Total Virtual: 5016.37 MB
Available Virtual: 2385.16 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:105.1 GB) (Free:4.25 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:21.66 GB) NTFS
Drive e: (WD 350GB) (Fixed) (Total:223.65 GB) (Free:191 GB) NTFS
Drive g: (OFFICE10) (CDROM) (Total:0.46 GB) (Free:0 GB) CDFS
Drive i: () (Fixed) (Total:127.99 GB) (Free:71.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: CD246D91)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=105.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=298.1 GB) - (Type=42)
Partition 2: (Not Active) - (Size=1337 KB) - (Type=42)

========================================================
Disk: 2 (Size: 37.3 GB) (Disk ID: 000A9B91)
Partition 1: (Not Active) - (Size=10.2 GB) - (Type=05)
Partition 2: (Active) - (Size=27 GB) - (Type=83)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 152.7 GB) (Disk ID: 056BCAB0)
Partition 1: (Not Active) - (Size=152.7 GB) - (Type=42)

==================== End of Addition.txt ============================

 

 

 

Attached Files

  • Attached File  FRST.txt   62.98KB   177 downloads

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP