I have been experiencing increased lag on my machine, and have opened Task Manager to find iexplore.exe is using +500MB or more of memory and continues to climb when I'm using it for email or anything really. I have already tried to run all the recommended malware removal and still have the same issue.
I need help to figure out what is killing my machine and iexplore.exe?
See below the Farbar.txt, also attached.
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-10-2017 01
Ran by Salinas (20-10-2017 12:44:34)
Running from C:\Users\Salinas\Downloads\IExplore Fix Tools
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2010-06-14 02:58:33)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3647659584-1139991080-2781195243-500 - Administrator - Disabled)
Dora (S-1-5-21-3647659584-1139991080-2781195243-1006 - Limited - Enabled) => C:\Users\Dora
Guest (S-1-5-21-3647659584-1139991080-2781195243-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-3647659584-1139991080-2781195243-1005 - Limited - Enabled)
Lily & June (S-1-5-21-3647659584-1139991080-2781195243-1009 - Limited - Enabled) => C:\Users\Lily & June
Salinas (S-1-5-21-3647659584-1139991080-2781195243-1004 - Administrator - Enabled) => C:\Users\Salinas
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2012 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AV: Panda Protection (Enabled - Up to date) {46AEFD02-ACA3-E038-1FA5-4A15EFD361E0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Protection (Enabled - Up to date) {FDCF1CE6-8A99-EFB6-2515-716794542B5D}
AS: AVG AntiVirus Free Edition 2012 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: Panda Firewall (Disabled) {7E957C27-E6CC-E160-34FA-E3201100269B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AC3Filter 1.62b (HKLM\...\AC3Filter_is1) (Version: 1.62b - Alexander Vigovsky)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
AI Suite 3 (HKLM\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.68 - ASUSTeK Computer Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\Akamai) (Version: - Akamai Technologies, Inc)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
AMD Catalyst Install Manager (HKLM\...\{6B3D4724-5D7A-4C43-1036-6AE7E822E3C7}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Asmedia USB Host Controller Driver (HKLM\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.23.0 - Asmedia Technology)
ASUS Product Register Program (HKLM\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
ATI Catalyst Registration (HKLM\...\{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}) (Version: 3.00.0000 - ATI Technologies Inc.) Hidden
Autodesk Material Library 2013 (HKLM\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Navisworks Freedom 2013 (HKLM\...\{F71A14BF-3695-0000-896C-53FA12C46719}) (Version: 10.1.879.81 - Autodesk) Hidden
Autodesk Navisworks Freedom 2013 (HKLM\...\Autodesk Navisworks Freedom 2013) (Version: 10.1.879.81 - Autodesk)
Autodesk Navisworks Freedom 2013 English Language Pack (HKLM\...\{F71A14BF-3695-0409-896C-53FA12C46719}) (Version: 10.1.879.81 - Autodesk) Hidden
Autodesk Navisworks Freedom 2013 English Language Pack (HKLM\...\Autodesk Navisworks Freedom 2013 English Language Pack) (Version: 10.1.879.81 - Autodesk)
AVG (HKLM\...\AvgZen) (Version: 1.116.3.1052 - AVG Technologies)
AVG 2011 (HKLM\...\{4EB34322-B940-46EB-810E-68E71A819269}) (Version: 10.0.1152 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{03DB8950-C7BD-4CB2-923C-8550D6D059FF}) (Version: 12.1.2265 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\{18FB0F02-B07D-4826-AC69-99F6B2C10DFA}) (Version: 12.0.4311 - AVG Technologies) Hidden
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2265 - AVG Technologies)
AVG Zen (HKLM\...\{3D8C5CBA-DDCF-44CE-AD7D-B0AEF74E989E}) (Version: 1.116.2 - AVG Technologies) Hidden
Bluebeam Localization (HKLM\...\{FAC9853A-E045-499E-A08A-DAFAA698CA3F}) (Version: 12.6.0 - Bluebeam Software, Inc.) Hidden
Bluebeam Revu 12 International (HKLM\...\{8C284678-3F62-48F1-8B2C-2B102D2D6867}) (Version: 12.6.0 - Bluebeam Software) Hidden
Bluebeam Revu 12 International (HKLM\...\InstallShield_{8C284678-3F62-48F1-8B2C-2B102D2D6867}) (Version: 12.6.0 - Bluebeam Software)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.00 - Canon Inc.)
Canon MG2900 series On-screen Manual (HKLM\...\Canon MG2900 series On-screen Manual) (Version: 7.7.0 - Canon Inc.)
Canon MG2900 series User Registration (HKLM\...\Canon MG2900 series User Registration) (Version: - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.109.0.64 - Conexant)
Crimson 2.0 (HKLM\...\{32E9A3BF-1DB4-490E-A285-44457B81416F}) (Version: - )
Crimson 3.0 (HKLM\...\{9168C4E8-1A1B-4690-8D95-575982A7F45B}) (Version: 3.2.227 - Red Lion Controls Inc.)
DivX 4.0 Final Codec (HKLM\...\DIVXCodec) (Version: - )
DivX 5.0 Pro Bundle (HKLM\...\DivX 5.0 Pro Bundle) (Version: - )
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.224 - DivX, LLC)
dupeGuru (HKLM\...\{926F26B2-8CCD-42C2-8F5A-A3F9E682BC62}) (Version: 3.8.0 - Hardcoded Software)
ffdshow [rev 2527] [2008-12-19] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
FMW 1 (HKLM\...\{A2B92392-DC17-416B-88F6-A6A55E053E32}) (Version: 1.143.3 - AVG Technologies) Hidden
Google Drive (HKLM\...\{AC117AF9-316B-4E1D-959E-F0EB85B0DC5F}) (Version: 2.34.7100.0000 - Google, Inc.)
Google Earth Pro (HKLM\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Photos Backup (HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.135 - Google Inc.) Hidden
Internet TV for Windows Media Center (HKLM\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Lenovo DirectShare (HKLM\...\{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: - ArcSoft)
Lenovo Service Bridge (HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lynda.com Desktop App (HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\...\6043ff57df569209) (Version: 1.3.3.90 - Lynda.com)
marvell 91xx driver (HKLM\...\MagniDriver) (Version: 1.0.0.1034 - Marvell)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{56B4002F-671C-49F4-984C-C760FE3806B5}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mpeg Layer3 Codec FHG-Radium v1.263 (HKLM\...\Mp3 Codec) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Netflix in Windows Media Center (HKLM\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
OpenOffice 4.1.2 (HKLM\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Panda Devices Agent (HKLM\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
Panda Protection (HKLM\...\{2DE1F55B-B8FC-4ACF-8EB2-A38056C8E476}) (Version: 8.91.00 - Panda Security) Hidden
Panda Protection (HKLM\...\Panda Universal Agent Endpoint) (Version: 18.1.0 - Panda Security)
PandoraRecovery (Remove Only) (HKLM\...\PandoraRecovery) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d4 - CyberLink Corp.)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RealDownloader (HKLM\...\{2275115D-1431-4A62-A98F-2F0393815327}) (Version: 18.1.9.106 - RealNetworks, Inc.) Hidden
RealDownloader (HKLM\...\{45bcec97-14a2-4e10-a129-58d2d0b34398}) (Version: 18.1.9.106 - RealNetworks) Hidden
RealDownloader (HKLM\...\{85584A8B-8989-42AA-81A0-80ABF61EFAF1}) (Version: 18.1.9.106 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM\...\RealPlayer 18.1) (Version: 18.1.9 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
ScottradeELITE v5 (HKLM\...\{7E94DCE4-F1F3-47AF-A2D4-8A81008D9B1F}) (Version: 5.3.0.0 - Scottrade Inc.)
SketchUp 2016 (HKLM\...\{F8F51164-606F-45A2-B706-10B0329BF740}) (Version: 16.1.1450 - Trimble Navigation Limited)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Imagination Station (remove only) (HKLM\...\The Imagination Station) (Version: - )
The Lord of the Rings FREE Trial (HKLM\...\{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
The Rosetta Stone (HKLM\...\The Rosetta Stone) (Version: - )
UpdateService (HKLM\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
USB Electronic Scale (HKLM\...\{D1E777C3-B26E-4E91-8B09-0A19B259A805}) (Version: 1.00.4000 - NA)
vc2012_redist (HKLM\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Video Downloader (HKLM\...\{4C68AE5C-915A-492A-AFCD-B630ECB9522D}) (Version: 18.1.9 - RealNetworks) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
vs2015_redist x86 (HKLM\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows Driver Package - Red Lion Controls (HMI) USB (01/13/2010 1.0.0.6) (HKLM\...\BEA29C59F1C197E983C09C30CB847015F2B4535D) (Version: 01/13/2010 1.0.0.6 - Red Lion Controls)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Center Add-in for Flash (HKLM\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B08 - ZTE Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{01971695-16C8-4886-9742-ADC79A269444}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Salinas\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.30.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.31.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{6E1B07CC-8C0F-46F1-B993-FA20D1C368C3}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.29.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.32.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{DEF63C56-2AB9-4284-A400-CDD81AED639E}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647659584-1139991080-2781195243-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Salinas\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-10-09] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-10-09] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-10-09] (Google)
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files\AVG\AVG2012\avgse.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2017-05-25] (DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files\Common Files\DivX Shared\DivXShellExtension.dll [2017-05-25] (DivX, LLC)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-10-09] (Google)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files\Panda Security\Panda Security Protection\PSUAShell.dll [2017-02-22] (Panda Security, S.L.)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files\real\realplayer\RPDS\Bin\rpcontextmenu.dll [2017-10-03] (RealNetworks, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-10-09] (Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2014-02-15] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files\Panda Security\Panda Security Protection\PSUAShell.dll [2017-02-22] (Panda Security, S.L.)
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files\AVG\AVG2012\avgse.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files\Panda Security\Panda Security Protection\PSUAShell.dll [2017-02-22] (Panda Security, S.L.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07D40AFA-0247-47F4-8297-602863BA84C5} - \{2D52A9F6-0520-4318-9B5B-C15D9F3BBF76} -> No File <==== ATTENTION
Task: {09D34BC8-A36D-4DC8-91D9-D3A60D007F4C} - \{E813BD99-D0AA-40FE-A215-30C7E52D796A} -> No File <==== ATTENTION
Task: {0A15F273-59A5-4447-B4A2-027EBA215D3E} - \{76A0FA97-5123-4C7B-8530-F71D4B9DBB0E} -> No File <==== ATTENTION
Task: {0F72386D-66EC-436F-80D7-427D6F3AA8EC} - \{8E52FD58-3EC2-4207-BD96-7B68C7201B79} -> No File <==== ATTENTION
Task: {1164C104-4C07-4D03-9374-D686636CB4FE} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3647659584-1139991080-2781195243-1004 => C:\program files\real\RealDownloader\realupgrade.exe [2017-08-17] (RealNetworks, Inc.)
Task: {1A54337D-4FD2-4A29-A946-C839DD3054B3} - \RealUpgradeLogonTaskS-1-5-21-3647659584-1139991080-2781195243-1006 -> No File <==== ATTENTION
Task: {1C543C63-9487-4C41-9A13-E7280BC87C5F} - \RealUpgradeScheduledTaskS-1-5-21-3647659584-1139991080-2781195243-1006 -> No File <==== ATTENTION
Task: {1CCFEA1C-E1F5-4458-ABBD-ED3B616B3253} - \RealUpgradeScheduledTaskS-1-5-21-3647659584-1139991080-2781195243-1004 -> No File <==== ATTENTION
Task: {2656F34F-AF4A-458C-9CCD-E862F5F09B6A} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {2B5F6373-88E9-40BD-81FC-0A9EB6FB9DFD} - \{B4650410-25B6-4377-B01B-90F4EB4C1B0B} -> No File <==== ATTENTION
Task: {2DD9D344-DF9E-436C-9478-51A39A5D7E68} - System32\Tasks\DivXUpdate => C:\Program Files\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-05-26] (DivX, LLC)
Task: {32552979-7C40-4360-81D3-279DF5AF382E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3647659584-1139991080-2781195243-1006UA => C:\Users\Dora\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-22] (Google Inc.)
Task: {34E4D202-C757-4C70-8F3F-42C32E220B55} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3647659584-1139991080-2781195243-1006Core => C:\Users\Dora\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-22] (Google Inc.)
Task: {39977318-BBDF-4F10-889B-593C74B4FDA6} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-02-11] ()
Task: {4492EC65-DDF6-4E23-93D7-07216E14326C} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {4492EC65-DDF6-4E23-93D7-07216E14326C} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\windows\system32\GWX\GWXDetector.exe [2016-03-21] (Microsoft Corporation)
Task: {4FA96EA3-EE25-41E9-AE1E-F6606A755B88} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3647659584-1139991080-2781195243-1004 => "C:\windows\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Salinas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {522763DF-9354-474E-A4F7-EE8A187E093E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {522763DF-9354-474E-A4F7-EE8A187E093E} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\windows\system32\GWX\GWXDetector.exe [2016-03-21] (Microsoft Corporation)
Task: {5E22B1A3-F184-4F0A-88BB-94C61F6A6A60} - \{A50800C1-7FBC-47D3-9376-F023B1EA7E81} -> No File <==== ATTENTION
Task: {5E3F1E69-3213-4E3B-B1EA-E98A4705DCDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-20] (Google Inc.)
Task: {61D3FD90-2C5C-478A-9FF8-BD8C41D61E7B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3647659584-1139991080-2781195243-1004Core => C:\Users\Salinas\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-21] (Google Inc.)
Task: {66DE95D1-A56D-4BA2-9E4A-848444C83768} - System32\Tasks\RealDownloader Update Check => C:\program files\real\RealDownloader\downloader2.exe [2017-08-17] ()
Task: {67B476C3-0206-4A89-9B53-DBD41FB07FBD} - \RealPlayerRealUpgradeLogonTaskS-1-5-21-3647659584-1139991080-2781195243-1006 -> No File <==== ATTENTION
Task: {711F4EC8-ECFD-43E6-AE92-8A233ACE1875} - System32\Tasks\ASUS\Ez Update => C:\Program Files\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2014-01-07] ()
Task: {78EFAC36-0B5E-45CB-AD6B-DA2AE8B47099} - \{C2333ED9-6BD4-4EDC-A0FA-ECB32F29E68D} -> No File <==== ATTENTION
Task: {798278B5-E1E5-4C0A-BEF6-77A61178DDC1} - \RealUpgradeLogonTaskS-1-5-21-3647659584-1139991080-2781195243-1004 -> No File <==== ATTENTION
Task: {8227C4FD-BECB-42C0-93D1-374F63E8CD0F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3647659584-1139991080-2781195243-1004UA => C:\Users\Salinas\AppData\Local\Google\Update\GoogleUpdate.exe [2016-03-21] (Google Inc.)
Task: {832CB181-2A09-4EE2-9991-5C44C870A6E3} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {832CB181-2A09-4EE2-9991-5C44C870A6E3} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {832CB181-2A09-4EE2-9991-5C44C870A6E3} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\windows\system32\GWX\GWXDetector.exe [2016-03-21] (Microsoft Corporation)
Task: {8B8FF742-CF2B-4F5B-A7F9-044E5E864186} - \{5E122F1D-DE60-4F5F-BC72-AEBD7C25C8BE} -> No File <==== ATTENTION
Task: {9305F254-5184-4C96-8491-5DF3BDAAF217} - \{926EC70A-65DB-4439-A21F-7A8BF1B1AF3D} -> No File <==== ATTENTION
Task: {964A762F-91B8-4A73-94F9-5CD431ACD937} - \{AC109C08-2AEA-4C45-A0FC-BD9805790AB4} -> No File <==== ATTENTION
Task: {A44FF339-E459-4F10-A67D-EC376D0265FB} - \Launch FutureDial Suite -> No File <==== ATTENTION
Task: {A512BD05-38A7-48FD-A763-10F02589E818} - System32\Tasks\RealCreateProcessScheduledTask532743492S-1-5-21-3647659584-1139991080-2781195243-1004 => c:\program files\real\realplayer\realplay.exe [2017-10-03] (RealNetworks, Inc.)
Task: {ACEAFEA1-C3D3-4B23-B762-884887A9178E} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3647659584-1139991080-2781195243-1004 => C:\program files\real\RealDownloader\realupgrade.exe [2017-08-17] (RealNetworks, Inc.)
Task: {AD56AE9C-D367-4397-9E6D-A18E98F41C45} - \{425EBCAA-45E1-40D6-85BB-40FA10120C10} -> No File <==== ATTENTION
Task: {AD738F2A-DC81-405C-A423-03C82EB23E7D} - System32\Tasks\{D8D08D56-CAED-411A-B1B9-FB5B6CED9303} => C:\windows\system32\pcalua.exe -a C:\Users\Salinas\AppData\Local\Temp\jre-8u121-windows-au.exe -d C:\windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {C5C7D3F7-C54C-4761-9568-8D89A9330EC3} - \RealPlayerRealUpgradeScheduledTaskS-1-5-21-3647659584-1139991080-2781195243-1006 -> No File <==== ATTENTION
Task: {C879B86B-7994-4B32-ABC6-2FA5A0253E94} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {CB3BABA2-08E7-470C-AFB0-0F3196D38153} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {CF846262-5A28-4C09-BB57-4A9E9B013A0C} - \{2C9C54F8-3E73-4C1F-B70C-0D101E6FE2FF} -> No File <==== ATTENTION
Task: {D0D5CB4A-3542-4C51-8915-07DBCC4C02DB} - \SidebarExecute -> No File <==== ATTENTION
Task: {D4F9C58E-85A9-42C8-8DD0-1BE2E844E59D} - \{84086116-D8E0-458F-AAA2-AF3E323BCEC3} -> No File <==== ATTENTION
Task: {D66ADAC2-3981-498C-ACCF-5CA5EB8EB791} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-20] (Google Inc.)
Task: {E0A29640-A63F-4E88-B717-4EE89D69199A} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files\ASUS\AI Suite III\AISuite3.exe [2014-02-11] (ASUSTeK Computer Inc.)
Task: {E3DCA757-2D56-48C2-9261-9ACBB5CF6D3B} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {E3DCA757-2D56-48C2-9261-9ACBB5CF6D3B} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\windows\system32\GWX\GWXDetector.exe [2016-03-21] (Microsoft Corporation)
Task: {F3AAA26B-A2E7-4FBA-A758-4CD1B9CD5A7D} - \{45632D27-311F-4476-8233-1A4BC12E9B07} -> No File <==== ATTENTION
Task: {F50C2D0C-B931-4AA6-B953-AB24DA3AF988} - \{8CB4BBE0-3DA4-4079-8154-47FA9EB1CC23} -> No File <==== ATTENTION
Task: {FAC4618C-61DA-4711-938A-22A6BAC3AC1E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-01-28 06:16 - 2014-01-28 06:16 - 000936728 ____N () C:\Program Files\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-03-20 23:08 - 2017-10-20 12:29 - 000025600 _____ () C:\Program Files\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-03-20 23:08 - 2014-01-28 06:16 - 000104448 ____N () C:\Program Files\ASUS\AXSP\1.01.02\ATKEX.dll
2016-03-22 19:45 - 2013-06-28 10:58 - 000084616 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2015-12-15 12:17 - 2015-12-15 12:17 - 000618544 _____ () C:\Program Files\Panda Security\Panda Security Protection\SQLite3.dll
2016-03-20 23:10 - 2014-02-11 21:22 - 001226520 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2016-03-20 23:10 - 2014-02-11 21:22 - 000685056 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2016-03-20 23:10 - 2014-02-11 21:22 - 000858112 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2016-03-20 23:10 - 2014-02-11 21:22 - 000766976 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2016-03-20 23:10 - 2014-02-11 21:22 - 000807936 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2016-03-20 23:09 - 2014-01-07 10:36 - 001427768 _____ () C:\Program Files\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2016-03-20 23:09 - 2014-01-07 10:19 - 005778416 _____ () C:\Program Files\ASUS\AI Suite III\EZ Update\EzULIB.dll
2016-03-20 23:09 - 2010-06-21 15:21 - 000208896 _____ () C:\Program Files\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2016-03-20 23:09 - 2014-01-28 11:16 - 000091648 _____ () C:\Program Files\ASUS\AI Suite III\Log4cxxWrapper.dll
2016-03-20 23:09 - 2014-01-28 11:16 - 000147456 _____ () C:\Program Files\ASUS\AI Suite III\AssistFunc.dll
2016-03-20 23:09 - 2013-03-13 17:12 - 000870912 _____ () C:\Program Files\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2016-03-20 23:10 - 2014-02-13 23:08 - 003296256 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\dip4.dll
2016-03-20 23:09 - 2014-01-14 09:50 - 001138176 _____ () C:\Program Files\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2016-03-20 23:08 - 2014-01-28 06:16 - 000662016 ____R () C:\Program Files\ASUS\AAHM\1.00.22\aaHMLib.dll
2016-11-28 09:20 - 2016-11-28 09:20 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
2017-08-17 15:21 - 2017-08-17 15:21 - 001259704 _____ () C:\Program Files\Real\RealDownloader\downloader2.exe
2017-10-03 14:43 - 2017-10-03 14:43 - 000101200 _____ () c:\program files\real\realplayer\CrashRpt\CrashRpt1402.dll
2017-10-20 12:30 - 2017-10-20 12:30 - 000098816 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32api.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000110080 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\pywintypes27.dll
2017-10-20 12:30 - 2017-10-20 12:30 - 000364544 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\pythoncom27.dll
2017-10-20 12:30 - 2017-10-20 12:30 - 000320512 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32com.shell.shell.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000914432 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_hashlib.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 001176576 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._core_.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000806400 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._gdi_.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000816128 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._windows_.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 001067008 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._controls_.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000733184 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._misc_.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000682496 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\pysqlite2._sqlite.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000088064 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_ctypes.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000686080 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\unicodedata.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000119808 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32file.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000108544 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32security.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000007168 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\hashobjs_ext.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000017920 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\thumbnails_ext.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000088064 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\usb_ext.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000012800 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\common.time34.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000018432 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32event.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000167936 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32gui.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000046080 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_socket.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 001303552 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_ssl.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000128512 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_elementtree.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000127488 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\pyexpat.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000038912 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32inet.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000036864 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_psutil_windows.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000524248 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\windows._lib_cacheinvalidation.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000011264 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32crypt.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000123392 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._wizard.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000077312 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._html2.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000027648 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_multiprocessing.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000020480 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\_yappi.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000035840 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32process.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000078848 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\wx._animate.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000024064 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32pipe.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000010240 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\select.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000025600 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32pdh.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000017408 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32profile.pyd
2017-10-20 12:30 - 2017-10-20 12:30 - 000022528 ____R () C:\Users\Salinas\AppData\Local\Temp\_MEI52042\win32ts.pyd
2016-03-20 23:09 - 2014-01-28 11:16 - 000944952 _____ () C:\Program Files\ASUS\AI Suite III\ASUSMiniBar.exe
2016-03-20 23:10 - 2014-02-13 17:00 - 000733184 _____ () C:\Program Files\ASUS\AI Suite III\DIP4\EPU.dll
2014-02-15 04:57 - 2014-02-15 04:57 - 000095744 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
There are 4791 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:04 - 2017-10-20 11:43 - 000000027 _____ C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3647659584-1139991080-2781195243-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Salinas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: SeaPort => 2
MSCONFIG\Services: vToolbarUpdater14.1.7 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupreg: ATICustomerCare => "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FAF6B61B-8BF9-4DC8-9BD3-0F9D0AEFF352}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{BC388E0F-A046-4EB8-90DC-A8A393AF31B1}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{D4DEBBF8-10D7-4C88-B1D6-4C2A8976C73F}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{BA8609B2-B910-4129-A46E-385298967ABA}] => (Allow) svchost.exe
FirewallRules: [{A2B83C6A-E52D-4CB8-823A-F40F363FBE9E}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{48DD4BB1-AF0F-4329-8B49-0E682B9DD81D}C:\users\salinas\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\salinas\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{ED37A6A7-F1F4-47A9-9990-651BF23AF68F}C:\users\salinas\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\salinas\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{75ACB6DE-17EE-4E2E-A1D8-6D923539271C}] => (Block) C:\users\salinas\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{9581E3EC-DBA6-4066-B91D-0CC29BD003B4}] => (Block) C:\users\salinas\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{899B24D0-29F3-4CEA-82A8-08050EFC57E0}] => (Allow) C:\Program Files\AirPort\APAgent.exe
FirewallRules: [{0831C664-DDC0-47D5-8E1A-FDDD1C594E07}] => (Allow) C:\Program Files\AirPort\APAgent.exe
FirewallRules: [TCP Query User{4355E49D-D502-40F3-9DC9-8B7B8CDB2AD4}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{53394A06-01D5-42F5-A4AA-D283FC779EC4}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [TCP Query User{B04FE2AA-4A6E-43BD-86ED-7C4C3CCDB468}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{636BAD92-6998-4860-9428-5CE618364374}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [{6155EC48-F10A-4BF0-8EED-4490AA6B421A}] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{E75A8FA9-8CD2-4DD2-BB70-FFF1F1C3884A}] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{9A408AC4-5CA4-4EE1-ADA0-04CBC7DB6E88}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{DEE1F47A-DA52-4D8A-A633-0595666C6D63}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{6A07E39F-E51D-4308-9689-E8E8C4A77EBE}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{D20AF9E2-0EFE-44AD-9A5C-910D35393A03}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [TCP Query User{D700327B-5C41-4602-8606-A41EBD3E47AA}C:\users\salinas\appdata\local\temp\pyl8c9c.tmp\pyrun.exe] => (Allow) C:\users\salinas\appdata\local\temp\pyl8c9c.tmp\pyrun.exe
FirewallRules: [UDP Query User{E6969E5D-5B22-4A9B-86FA-EB8766F15886}C:\users\salinas\appdata\local\temp\pyl8c9c.tmp\pyrun.exe] => (Allow) C:\users\salinas\appdata\local\temp\pyl8c9c.tmp\pyrun.exe
FirewallRules: [{59D14B38-8445-448F-97C5-8C69E2E23305}] => (Allow) C:\Users\Salinas\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{9DD77DE8-D309-4EB2-93D5-E2EF3F70B2DD}] => (Allow) C:\Users\Salinas\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{2E8F63FE-0AA5-424C-AD3C-B98E4D7051EA}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{B4742B3D-9157-45A5-A666-51C5DD56D4AC}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{14D34471-D5C8-4921-A102-5F2A8500EECA}] => (Allow) C:\Users\Salinas\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{108E8856-0216-471D-AC41-ABCCC367E817}] => (Allow) C:\Users\Salinas\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [TCP Query User{2F6DD374-6EF6-4A9E-97D2-EE3A6FEB69DE}C:\users\salinas\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\salinas\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{1D8B4C97-A57D-4FB1-8EED-FA4AF1321E68}C:\users\salinas\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\salinas\appdata\local\akamai\netsession_win.exe
FirewallRules: [{FBCB71D3-6F03-4D00-9C84-150479B5751E}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{3BF473C7-4377-4717-B9D8-E9EB0D6D3A6F}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{5B4C64B6-95C2-413C-82FA-FF5C2AC63FEA}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{BD0DFD50-A69C-49AF-8467-6A5019C33C3B}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{C1DE5B49-1961-40DB-A7C9-16BBD77525C6}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{76F66654-AA49-4D36-B6EF-88387BE8CD2B}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{8949096D-43DC-4104-881B-847400613D2E}] => (Allow) C:\Users\Salinas\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{1FC1937F-089A-409D-B2A8-6B6A22710F84}] => (Allow) C:\Users\Salinas\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{F614FA5E-2CC7-4F97-9E3E-AB050AB2F156}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{D2279AA8-F8A7-46E3-A258-F6A39D087EC8}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{7D53B5EF-462F-41A6-A12A-902E38DD32B9}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{86DF060F-F1ED-4310-8D47-91F46D01BC16}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{636A3569-34EF-42D5-8F27-68BF97FEA46A}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{F4E650BE-BEEA-4985-AB8F-A8A9737D0BB8}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{22E06FAA-FEFB-4FD8-AAD7-BD7BFF178DAB}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{533D3237-BB00-407F-840E-134A8525B803}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{1AD97DE2-6DE2-4A16-B3E6-65E6F53D4EC8}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A691BC9F-6960-4CFD-B15A-4413FD659454}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
FirewallRules: [{C28F6953-CE26-42A8-A826-00AEE5099980}] => (Allow) C:\Program Files\AVG\AVG2012\avgnsx.exe
FirewallRules: [{DBD0C807-D9C5-4402-BE45-AB8A4E745710}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{D0F2D6C5-D4CD-4FDC-A5EA-186F3A1E8716}] => (Allow) C:\Program Files\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{AD766A93-CAA2-41FD-961A-3D8479562C1F}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
FirewallRules: [{B8A163A2-3A11-4A50-B6AF-4C71E308EBDA}] => (Allow) C:\Program Files\AVG\AVG2012\avgemcx.exe
FirewallRules: [{1CC72E25-B5E2-4463-BE37-7288AB398663}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{F4668FFA-209E-431A-961F-9884BA9EAEF7}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [TCP Query User{70611CEE-4308-4EA1-8896-E81E776262F2}C:\users\dora\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\dora\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{DA944B13-EE0E-4DBD-AA35-142833499238}C:\users\dora\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\dora\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{FC95B944-FCE3-410F-908E-59168341D5B5}] => (Allow) C:\Users\Salinas\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{F558C409-F50E-47AD-92C5-2034FCBE389F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{07F7F679-DC1D-49E9-B4E8-4268BC76A1D0}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{C0F32A1C-B5AD-44A2-B334-AD79D822FB15}] => (Allow) LPort=49189
FirewallRules: [{6E1CB59E-8EB4-4791-A9E3-8240C9434C63}] => (Allow) LPort=5000
FirewallRules: [{927E25E1-E4CF-4810-88A9-42F6970798DF}] => (Allow) LPort=49203
FirewallRules: [{1AF377D2-F884-43E1-90FE-CC282BFC5F3A}] => (Allow) LPort=5000
==================== Restore Points =========================
16-10-2017 08:16:57 Windows Update
20-10-2017 12:12:01 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/20/2017 12:41:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PSANHost.exe, version: 4.0.2.0, time stamp: 0x58a00964
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x59fffdd3
Faulting process id: 0x94c
Faulting application start time: 0x01d349c9037605e5
Faulting application path: C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
Faulting module path: unknown
Report Id: f0d84921-b5bd-11e7-ae9e-2c56dc99dc67
Error: (10/20/2017 12:30:12 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070002.
Error: (10/20/2017 12:07:24 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070002.
Error: (10/20/2017 11:43:01 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070002.
Error: (10/20/2017 11:41:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PSANHost.exe, version: 4.0.2.0, time stamp: 0x58a00964
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x458dffff
Faulting process id: 0x95c
Faulting application start time: 0x01d349c1900c2c99
Faulting application path: C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
Faulting module path: unknown
Report Id: 87877b4a-b5b5-11e7-aeb8-2c56dc99dc67
Error: (10/20/2017 11:16:15 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070002
Error: (10/20/2017 11:10:10 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x800706be).
Error: (10/20/2017 10:16:15 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070002
Error: (10/20/2017 09:16:15 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070002
Error: (10/20/2017 08:16:14 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070002
System errors:
=============
Error: (10/20/2017 12:42:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Panda Protection Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (10/20/2017 12:29:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s).
Error: (10/20/2017 12:29:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVG WatchDog service terminated with service-specific error %%-536805315.
Error: (10/20/2017 12:29:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753637.
Error: (10/20/2017 12:28:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error:
The service did not start due to a logon failure.
Error: (10/20/2017 12:28:09 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error:
The request is not supported.
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (10/20/2017 12:27:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Panda Protection Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (10/20/2017 12:27:42 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (10/20/2017 12:27:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (10/20/2017 12:27:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2016-04-04 09:06:37.354
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-04-04 09:06:37.347
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-04-04 09:06:37.339
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-04-04 09:06:37.310
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-04-04 09:06:37.302
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-04-04 09:06:37.295
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\psinreg\PSINReg.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-04-04 09:06:36.641
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\NNStlsc\NNStlsc.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-04-04 09:06:36.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\NNStlsc\NNStlsc.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-04-04 09:06:36.627
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\NNStlsc\NNStlsc.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-04-04 09:06:36.599
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Panda Security\Panda Security Protection\Drivers\NNStlsc\NNStlsc.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Athlon 5150 APU with Radeon R3
Percentage of memory in use: 75%
Total physical RAM: 2509.02 MB
Available physical RAM: 610.53 MB
Total Virtual: 5016.37 MB
Available Virtual: 2385.16 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:105.1 GB) (Free:4.25 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:21.66 GB) NTFS
Drive e: (WD 350GB) (Fixed) (Total:223.65 GB) (Free:191 GB) NTFS
Drive g: (OFFICE10) (CDROM) (Total:0.46 GB) (Free:0 GB) CDFS
Drive i: () (Fixed) (Total:127.99 GB) (Free:71.91 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: CD246D91)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=105.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=298.1 GB) - (Type=42)
Partition 2: (Not Active) - (Size=1337 KB) - (Type=42)
========================================================
Disk: 2 (Size: 37.3 GB) (Disk ID: 000A9B91)
Partition 1: (Not Active) - (Size=10.2 GB) - (Type=05)
Partition 2: (Active) - (Size=27 GB) - (Type=83)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 152.7 GB) (Disk ID: 056BCAB0)
Partition 1: (Not Active) - (Size=152.7 GB) - (Type=42)
==================== End of Addition.txt ============================