Dllhost.exe & Svchost.exe spam and Error codes.

[James54]

I had some sluggish activity and wifi disconnects for a 1 here and there so I did a system restore to last week thinking it was just a bug or something I downloaded, Then it got really weird and Javaws.exe would spawn endlessly until my cpu usage hit 100% and freeze. After restarts and shutdowns it changed to dllhost.exe and Svchost.exe and even sometimes Conhost.exe and Nvidia and Windowsmediaplayerhost services will spam. I belive it might be Poweliks from reading alot of forums. I have no clue how to resolve this but now I get error codes if i try to fight it or even can't access most basic windows tools. My nvidia driver seems to have stopped working too. Im completely lost and feeling defeated now, been working on this for 10 hours straight. Here are the Farbar Recovery Scan tool I have to copypasta because upload a file and most buttons dont even work....

 

[TwinHeadedEagle]

Hello,



They call me TwinHeadedEagle around here, and I'll be working with you.



Before we start please read and note the following:

• At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
• Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
• Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
• Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  
• All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
• If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
• I visit forum several times at day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have private life like everyone and I cannot be here 24/7. So please be patient with me. Also, some infections require less, and some more time to be removed completely, so bear this in mind and be patient.
• Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. If you solved your problem yourself, set aside two minutes to let me know.
  
• Please attach all report using
  
  button below. Doing this, you make it easier for me to analyze and fix your problem.
  
• Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay for the repair.
• If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

Rules and policies

We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Make sure that Addition option is checked.
• Press Scan button and wait.
• The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

 

[James54]

It will not allow me to attach one of my problems is buttons not working on sites and programs. >.<
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-07-2015 01
Ran by James (administrator) on JAMESPRO-PC on 20-07-2015 04:35:58
Running from C:\Users\James\Downloads
Loaded Profiles: James (Available Profiles: James)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Spotify Ltd) C:\Users\James\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Symantec Corporation) C:\Users\Public\Downloads\Norton\{NSTW2250124-SHPD-FSD51083}\NS-TW-22.5.0-EN-US.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818856 2011-08-26] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7284328 2011-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-11-01] (Intel(R) Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4146848 2011-08-29] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621752 2015-07-07] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-384863828-2728954085-3972846289-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-384863828-2728954085-3972846289-1001\...\Run: [Spotify Web Helper] => C:\Users\James\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2008632 2015-07-10] (Spotify Ltd)
HKU\S-1-5-21-384863828-2728954085-3972846289-1001\...\Run: [Norton Download Manager{NSTW2250124-SHPD-FSD51083}] => C:\Users\Public\Downloads\Norton\{NSTW2250124-SHPD-FSD51083}\NSDownloader.exe [1110424 2015-07-20] (Symantec Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [165760 2014-12-13] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-01-29]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => No File
ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:56654;https=127.0.0.1:56654
ProxyServer: [S-1-5-21-384863828-2728954085-3972846289-1001] => http=127.0.0.1:56654;https=127.0.0.1:56654
HKU\S-1-5-21-384863828-2728954085-3972846289-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1
HKU\S-1-5-21-384863828-2728954085-3972846289-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
SearchScopes: HKLM -> DefaultScope {6AA881AA-839E-4B81-BEC1-BB8717FCEC4E} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {6AA881AA-839E-4B81-BEC1-BB8717FCEC4E} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {6AA881AA-839E-4B81-BEC1-BB8717FCEC4E} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {6AA881AA-839E-4B81-BEC1-BB8717FCEC4E} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-384863828-2728954085-3972846289-1001 -> DefaultScope {6AA881AA-839E-4B81-BEC1-BB8717FCEC4E} URL =
SearchScopes: HKU\S-1-5-21-384863828-2728954085-3972846289-1001 -> {6AA881AA-839E-4B81-BEC1-BB8717FCEC4E} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: No Name -> {326E768D-4182-46FD-9C16-1449A49795F4} -> No File
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: No Name -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKLM-x32 - No Name - {8dcb7100-df86-4384-8842-8fa844297b3f} - No File
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1F3DDB20-4D80-41EB-9265-041C83589C80}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CB4678BA-D1A4-4BE7-81C2-3B19841EC9CD}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\gpngai06.default
FF Homepage: hxxp://www.gamefaqs.com/pc
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-20] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-384863828-2728954085-3972846289-1001: bluejeans.com/bjninstallplugin -> C:\Users\James\AppData\Roaming\Blue Jeans\bjnplugin\2.100.85.8\npbjninstallplugin_2.100.85.8.dll [2015-06-22] (Blue Jeans)
FF Plugin HKU\S-1-5-21-384863828-2728954085-3972846289-1001: bluejeans.com/bjnplugin -> C:\Users\James\AppData\Roaming\Blue Jeans\bjnplugin\2.100.85.8\npbjnplugin_2.100.85.8.dll [2015-06-22] (Blue Jeans)
FF user.js: detected! => C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\gpngai06.default\user.js [2013-01-20]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\gpngai06.default\searchplugins\startpage-ssl.xml [2014-10-18]
FF Extension: Playtopus - C:\Users\James\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\links@playtopus.com [2012-12-30]
FF Extension: WOT - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\gpngai06.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]
FF Extension: Cookies Manager+ - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\gpngai06.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2015-06-01]
FF Extension: Classic Theme Restorer (Customize UI) - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\gpngai06.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-07-31]
FF Extension: Classic Toolbar Buttons - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\gpngai06.default\Extensions\CSTBB@NArisT2_Noia4dev.xpi [2014-07-31]
FF Extension: Ghostery - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\gpngai06.default\Extensions\firefox@ghostery.com.xpi [2014-07-28]
FF Extension: ExHentai Easy 2 - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\gpngai06.default\Extensions\jid1-7NbXi2AqS1oUFw@jetpack.xpi [2014-11-03]
FF Extension: TrafficLight - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\gpngai06.default\Extensions\trafficlight@bitdefender.com.xpi [2014-10-18]
FF Extension: Image Zoom - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\gpngai06.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2012-06-19]
FF Extension: Greasemonkey - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\gpngai06.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-12-30]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-24]
FF HKU\S-1-5-21-384863828-2728954085-3972846289-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\James\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jneaojaoiajhnemidnjhoempalnidbhj] - C:\Users\James\AppData\Local\Coupon Companion Plugin\Chrome\Coupon Companion Plugin.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-06-09] (BioWare)
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [166912 2012-04-10] (Dell Products, LP.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [712504 2015-07-07] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-11-01] ()
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-07-03] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299152 2014-12-13] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-20 04:35 - 2015-07-20 04:36 - 00022633 _____ C:\Users\James\Downloads\FRST.txt
2015-07-20 04:34 - 2015-07-20 04:36 - 00000000 ____D C:\FRST
2015-07-20 04:34 - 2015-07-20 04:34 - 02134528 _____ (Farbar) C:\Users\James\Downloads\FRST64.exe
2015-07-20 04:33 - 2015-07-20 04:33 - 01637888 _____ (Farbar) C:\Users\James\Downloads\FRST.exe
2015-07-20 04:28 - 2015-07-20 04:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-07-20 04:28 - 2015-07-20 04:28 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-07-20 04:28 - 2015-07-20 04:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-07-20 04:27 - 2015-07-20 04:27 - 02865544 _____ (Malwarebytes ) C:\Users\James\Downloads\mbae-setup-1.07.1.1011.exe
2015-07-20 04:05 - 2015-07-20 04:05 - 00449410 _____ C:\Users\James\Downloads\ESETPoweliksCleaner.exe_20150720.040519.5432.log
2015-07-20 04:05 - 2015-07-20 04:05 - 00224968 _____ (ESET) C:\Users\James\Downloads\ESETPoweliksCleaner.exe
2015-07-20 04:05 - 2015-07-20 04:05 - 00000022 _____ C:\Users\James\Downloads\ESETPoweliksCleaner.exe_20150720.040519.5432.zip
2015-07-20 03:04 - 2015-07-20 03:04 - 00000545 _____ C:\Windows\wininit.ini
2015-07-20 01:54 - 2009-06-10 17:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150720-015429.backup
2015-07-20 01:10 - 2015-07-20 03:04 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-07-20 01:10 - 2015-07-20 01:17 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-20 01:10 - 2015-07-20 01:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-07-20 01:10 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-07-20 01:06 - 2015-07-20 01:06 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\James\Downloads\spybot-2.4.exe
2015-07-20 00:53 - 2015-07-20 00:53 - 00563296 _____ (Oracle Corporation) C:\Users\James\Downloads\jre-8u51-windows-i586-iftw(1).exe
2015-07-20 00:18 - 2015-07-20 04:07 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-20 00:17 - 2015-07-20 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-20 00:17 - 2015-07-20 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-20 00:17 - 2015-07-20 00:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-20 00:17 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-20 00:17 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-20 00:17 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-20 00:16 - 2015-07-20 00:16 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\James\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-20 00:10 - 2015-07-20 03:45 - 00000000 ____D C:\Users\James\AppData\Local\CrashDumps
2015-07-20 00:09 - 2015-07-20 00:09 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-07-20 00:08 - 2015-07-20 00:08 - 01110424 _____ (Symantec Corporation) C:\Users\James\Downloads\NSDownloader.exe
2015-07-20 00:03 - 2015-07-20 03:35 - 00000000 ____D C:\ProgramData\Norton
2015-07-20 00:03 - 2015-07-20 00:05 - 00000000 ____D C:\Users\James\AppData\Local\NPE
2015-07-20 00:03 - 2015-07-20 00:03 - 03088296 _____ (Symantec Corporation) C:\Users\James\Downloads\NPE.exe
2015-07-20 00:01 - 2015-07-20 00:01 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-19 23:39 - 2015-07-19 23:39 - 00003166 _____ C:\Windows\System32\Tasks\{6DCC0D8F-0FAC-46E9-A94A-065BD23EBF30}
2015-07-19 23:38 - 2015-07-19 23:38 - 00563296 _____ (Oracle Corporation) C:\Users\James\Downloads\jre-8u51-windows-i586-iftw.exe
2015-07-19 23:06 - 2015-07-19 23:06 - 00003352 ____N C:\bootsqm.dat
2015-07-19 23:02 - 2015-07-19 23:02 - 00000000 __SHD C:\found.002
2015-07-14 01:30 - 2015-07-14 01:30 - 00000213 ____H C:\Users\James\.swfinfo
2015-07-13 23:07 - 2015-07-19 20:09 - 00000000 ____D C:\Program Files (x86)\Kodi
2015-07-08 19:44 - 2015-07-08 19:44 - 00000000 ____D C:\Users\James\AppData\Local\Nicke_Manarin
2015-07-08 01:53 - 2015-07-08 01:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-07-08 01:38 - 2015-07-11 20:20 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-07-04 03:53 - 2015-07-05 12:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-30 12:15 - 2015-06-30 12:15 - 00000000 ____D C:\Users\James\Desktop\Screenshots
2015-06-29 17:04 - 2015-06-29 17:04 - 00000000 ____D C:\Users\James\AppData\Roaming\Blue Jeans
2015-06-29 17:03 - 2015-06-29 17:03 - 04788224 _____ C:\Users\James\Downloads\bjnplugin_2.100.85.8.msi
2015-06-20 01:58 - 2015-06-20 01:58 - 00000000 ____D C:\Users\James\AppData\Local\Blizzard

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-20 04:36 - 2012-06-12 08:20 - 01430747 _____ C:\Windows\WindowsUpdate.log
2015-07-20 04:01 - 2015-01-29 13:19 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-20 03:42 - 2009-07-14 01:13 - 00783424 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-20 03:42 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-20 03:42 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-20 03:35 - 2014-12-26 17:33 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-07-20 03:34 - 2012-06-12 08:17 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-20 03:34 - 2012-06-12 06:58 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2015-07-20 03:34 - 2010-11-20 23:47 - 00479500 _____ C:\Windows\PFRO.log
2015-07-20 03:34 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-20 03:34 - 2009-07-14 00:51 - 00166074 _____ C:\Windows\setupact.log
2015-07-20 03:32 - 2009-07-14 01:08 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-20 03:24 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-20 00:41 - 2013-01-20 02:41 - 00000000 ____D C:\ProgramData\APN
2015-07-20 00:01 - 2015-01-29 13:19 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-20 00:01 - 2015-01-29 13:19 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-19 23:59 - 2013-07-10 14:58 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-19 21:45 - 2015-01-25 12:16 - 00000000 ____D C:\Users\James\AppData\Roaming\Spotify
2015-07-19 21:45 - 2015-01-25 12:16 - 00000000 ____D C:\Users\James\AppData\Local\Spotify
2015-07-19 21:14 - 2013-02-27 22:29 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-07-19 21:14 - 2013-02-27 22:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-19 21:12 - 2013-02-27 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-19 20:47 - 2012-06-19 14:22 - 00000000 ____D C:\Users\James
2015-07-19 20:35 - 2012-06-12 07:02 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2015-07-19 20:35 - 2012-06-12 07:02 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2015-07-19 20:33 - 2015-01-29 12:57 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-19 20:33 - 2015-01-08 08:58 - 00000000 ____D C:\Users\James\AppData\Local\NVIDIA
2015-07-19 20:33 - 2015-01-08 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-19 20:33 - 2015-01-08 01:57 - 00000000 ____D C:\Users\James\AppData\Roaming\Battle.net
2015-07-19 20:33 - 2014-12-31 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-19 20:33 - 2013-06-23 20:25 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-19 20:33 - 2012-09-17 23:24 - 00000000 ____D C:\Users\James\AppData\Roaming\Ventrilo
2015-07-19 20:33 - 2012-06-12 08:17 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-19 20:33 - 2012-06-12 08:17 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-19 20:33 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\AppCompat
2015-07-19 20:32 - 2010-11-21 03:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-07-19 20:32 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2015-07-19 20:30 - 2014-01-09 23:39 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-19 20:30 - 2013-11-13 19:15 - 00000000 ____D C:\ProgramData\Oracle
2015-07-19 20:30 - 2012-06-12 08:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-19 18:55 - 2015-01-08 01:57 - 00000000 ____D C:\Users\James\AppData\Local\Battle.net
2015-07-18 19:34 - 2012-06-19 14:36 - 00000000 ____D C:\Users\James\AppData\Local\Nero
2015-07-11 23:58 - 2015-01-08 02:02 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-07-11 15:00 - 2012-08-23 13:05 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2015-07-09 17:01 - 2015-01-29 13:19 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-05 12:36 - 2012-12-21 19:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-05 12:33 - 2012-06-24 17:43 - 00000000 ____D C:\Users\James\AppData\Local\Adobe
2015-07-05 12:30 - 2014-12-31 14:32 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-03 11:42 - 2015-01-08 01:57 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-30 14:40 - 2012-07-26 02:31 - 00000000 ____D C:\Users\James\AppData\Roaming\uTorrent
2015-06-30 14:36 - 2013-07-10 10:50 - 00000000 ____D C:\Fraps

==================== Files in the root of some directories =======

2014-05-27 08:09 - 2014-05-27 07:56 - 0012005 _____ () C:\Users\James\AppData\Roaming\alsoft.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 06:07

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-07-2015 01
Ran by James at 2015-07-20 04:36:28
Running from C:\Users\James\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-384863828-2728954085-3972846289-500 - Administrator - Disabled)
Guest (S-1-5-21-384863828-2728954085-3972846289-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-384863828-2728954085-3972846289-1003 - Limited - Enabled)
James (S-1-5-21-384863828-2728954085-3972846289-1001 - Administrator - Enabled) => C:\Users\James

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

100% Orange Juice (HKLM-x32\...\Steam App 282800) (Version: - Orange_Juice)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics)
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.0.6.519 - Online Media Technologies Ltd.)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - Ronimo Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
bjnplugin (HKLM-x32\...\{BCA6463F-7B4F-4BD7-9EA1-1E84D60FE348}) (Version: 2.100.85.8 - Blue Jeans)
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderless Gaming (HKLM-x32\...\Borderless Gaming_is1) (Version: 7.9 - Codeusa Software)
Castlevania: Lords of Shadow - Ultimate Edition (HKLM-x32\...\Steam App 234080) (Version: - MercurySteam - Climax Studios)
Castlevania: Lords of Shadow 2 (HKLM-x32\...\Steam App 239250) (Version: - MercurySteam)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
Defender's Quest: Valley of the Forgotten (HKLM-x32\...\Steam App 218410) (Version: - Level Up Labs, LLC)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Digital Delivery (HKLM-x32\...\{9DDFE322-6BA0-4F90-8689-D98382492371}) (Version: 2.1.1002.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Support Center (HKLM\...\PC-Doctor for Windows) (Version: 3.2.6032.125 - PC-Doctor, Inc.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.46 - Creative Technology Ltd)
DFOLauncher (HKLM-x32\...\DFO) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.3.10235 - Blizzard Entertainment)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)
DYNASTY WARRIORS 8: Xtreme Legends Complete Edition (HKLM-x32\...\Steam App 278080) (Version: - KOEI TECMO GAMES CO., LTD.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Epic Battle Fantasy 4 (HKLM-x32\...\Steam App 265610) (Version: - Matt Roszak)
FFsplit version 0.7 (HKLM-x32\...\{82458834-6226-4A34-AE96-6907354F9F36}_is1) (Version: 0.7 - FFsplit Team)
Full Mojo Rampage (HKLM-x32\...\Steam App 225280) (Version: - Over the Top Games)
Half Minute Hero: Super Mega Neo Climax Ultimate Boy (HKLM-x32\...\Steam App 214830) (Version: - Opus )
Hero Siege (HKLM-x32\...\Steam App 269210) (Version: - Elias Viglione)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
High-Definition Video Playback (x32 Version: 11.1.11500.4.273 - Nero AG) Hidden
Injustice: Gods Among Us Ultimate Edition (HKLM-x32\...\Steam App 242700) (Version: - NetherRealm Studios)
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel(R) WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
IZArc 4.1.6 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
La-Mulana (HKLM-x32\...\Steam App 230700) (Version: - NIGORO)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.2.1 - www.leaguereplays.com)
Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version: - Hanako Games)
Malwarebytes Anti-Exploit version 1.07.1.1011 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1011 - Malwarebytes)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
One Way Heroics (HKLM-x32\...\Steam App 266210) (Version: - Smoking WOLF)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version: - Spiral Game Studios)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Quest of Dungeons (HKLM-x32\...\Steam App 270050) (Version: - David Amador)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.22 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6449 - Realtek Semiconductor Corp.)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)
Scrolls (HKLM-x32\...\{F7F74F7F-C458-4B7C-A6F4-80A28ED7AF0B}) (Version: 1.0.2.0 - Mojang)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skullgirls (HKLM-x32\...\Steam App 245170) (Version: - Lab Zero Games)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spelunky (HKLM-x32\...\Steam App 239350) (Version: - )
Spotify (HKU\S-1-5-21-384863828-2728954085-3972846289-1001\...\Spotify) (Version: 1.0.9.133.gcedaee38 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Street Fighter X Tekken (HKLM-x32\...\Steam App 209120) (Version: - Capcom U.S.A., Inc.)
Strider (HKLM-x32\...\Steam App 235210) (Version: - Double Helix Games)
Super Street Fighter IV: Arcade Edition (HKLM-x32\...\Steam App 45760) (Version: - Capcom)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.22.0 - Synaptics Incorporated)
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16500 - Nero AG)
SyncUP (x32 Version: 1.12.11500.11.105 - Nero AG) Hidden
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version: - Stoic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
THE KING OF FIGHTERS XIII STEAM EDITION (HKLM-x32\...\Steam App 222940) (Version: - SNK Playmore)
TomTom HOME 2.8.3.2499 (HKLM-x32\...\TomTom HOME) (Version: 2.8.3.2499 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version: - SEGA)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Wizorb (HKLM-x32\...\Steam App 207420) (Version: - Tribute Games)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XSplit Broadcaster (HKLM-x32\...\{641A9A78-643E-437E-9EA9-18AC8842B622}) (Version: 1.3.1401.0901 - SplitMediaLabs)
Ys I (HKLM-x32\...\Steam App 223810) (Version: - Nihon Falcom)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

13-07-2015 23:20:58 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
13-07-2015 23:22:08 Installed DirectX
14-07-2015 00:03:49 Windows Update
19-07-2015 20:21:24 Restore Operation
19-07-2015 21:09:59 Windows Update
20-07-2015 00:50:05 Removed JavaFX 2.1.1

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2015-07-20 01:54 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {B1468D98-3CF6-4978-ACCF-F2248147BCBB} - System32\Tasks\{6DCC0D8F-0FAC-46E9-A94A-065BD23EBF30} => pcalua.exe -a C:\Users\James\Downloads\jre-8u51-windows-i586-iftw.exe -d C:\Users\James\Downloads
Task: {BF97B128-0500-4AA8-9B78-CB7C6C1616B4} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2013-02-05] (PC-Doctor, Inc.)
Task: {C88638F7-34B1-4DA9-A609-5E28011F2783} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {E85119A0-4142-4C99-B926-B22B8D0D7A76} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-11-29] (PC-Doctor, Inc.)
Task: {F927F069-727E-4ACB-920C-D11996AC399D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-20] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2011-11-01 13:58 - 2011-11-01 13:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-07-03 15:24 - 2012-07-03 15:27 - 00076888 ____N () C:\Windows\SysWOW64\PnkBstrA.exe
2012-06-12 07:38 - 2014-12-13 06:08 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-06-12 06:44 - 2010-12-17 11:25 - 00686704 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2011-11-01 13:58 - 2011-11-01 13:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-07-28 19:08 - 2011-07-28 19:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-20 01:10 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-07-20 01:10 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-07-20 01:10 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-07-20 01:10 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-07-20 01:10 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-06-12 07:38 - 2014-12-13 06:08 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-07-28 19:09 - 2011-07-28 19:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7870 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-384863828-2728954085-3972846289-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\James\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D7962839-1872-47CD-86BE-E11C3B400F8D}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{353399C0-6227-4971-89E1-538C4C4C3945}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1014944F-AF91-4011-988A-DDC962737E2D}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{374F2C85-A65B-4C9A-B995-CC7B6DC9C6F9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{98C25E46-1293-43AD-B5A6-9AEA3002D8BF}] => (Allow) LPort=2869
FirewallRules: [{E93077FD-819E-467D-9DDE-9DFF4DBCDA79}] => (Allow) LPort=1900
FirewallRules: [{1939FAB7-61BF-480D-952F-722DB492DEDF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{99EE3427-B649-4665-9CC8-27144CB100C1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{F93080C0-51A9-424A-9789-CE122D0555AD}] => (Allow) LPort=9700
FirewallRules: [{60038B3B-8FF6-4681-9F92-275F61799767}] => (Allow) LPort=9701
FirewallRules: [{ABABA795-425F-4DFD-89D1-6865FA9A3327}] => (Allow) LPort=9702
FirewallRules: [{41C89F5A-C6AC-4192-A940-922C89FD2407}] => (Allow) LPort=9700
FirewallRules: [{7F1454AF-8760-4A54-BDC4-92A85DF4FA8F}] => (Allow) C:\Program Files\dell stage\dell stage\accuweather\accuweather.exe
FirewallRules: [{481FAB26-CA49-4942-8D08-66B0AE1468CA}] => (Allow) C:\Program Files\dell stage\musicstage\musicstageengine.exe
FirewallRules: [{FC9F1CAE-CE47-4FE1-86B8-249ECD96E07E}] => (Allow) C:\Program Files\dell stage\dell stage\stage_primary.exe
FirewallRules: [{646E045D-92E3-4A15-BB15-C3936BBC94D9}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{701D5A8D-F9DB-4E61-BB8D-A7ACB1849B93}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{F19EDF26-77C4-4661-86A2-F855DDE94C68}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{6DDC1FBE-5CF7-429C-ADB1-0F4D66D5E8A5}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{04E2FE47-E2A1-440F-914E-C417B79DE6E2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4D96FE7E-9638-411B-8C3F-E75025643448}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7D8C1515-12A6-405B-A89A-1286EC22845F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E2B0D3C-1221-49DD-996B-938469BE1183}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DD62A967-9338-42DB-B3E7-0C7F5B71C8EE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{F0657F82-82D6-4039-81BA-45C1D7FF2BB4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{E00F71CA-EE4C-4603-8E26-84E30FE69609}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{62718881-C24F-4B75-B090-3126DB13BA56}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{EF1488F5-45B7-4318-A621-FB8FB2CD17EF}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{13247366-888B-4B6A-9C85-1F694D3BD7E5}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{7C917745-21AB-4917-9D57-E0BE2062FC08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\stronghold kingdoms\StrongholdKingdoms.exe
FirewallRules: [{8F5C0B49-D8D0-476A-A3F0-5D839A7B7C57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\stronghold kingdoms\StrongholdKingdoms.exe
FirewallRules: [{B639585E-590B-461C-AB3E-BE5F0A98A21B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe
FirewallRules: [{58D8F445-AF65-47CE-AFE1-2BBD39103F70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe
FirewallRules: [{02CC3708-3F12-43A1-AE3C-0BD46DE65298}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloodline Champions\Binary\BloodlineChampionsLoader.exe
FirewallRules: [{EBBC93AE-8C71-4D1D-B250-A54149DC5BD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloodline Champions\Binary\BloodlineChampionsLoader.exe
FirewallRules: [{802E1607-8984-4EAD-96C9-0C9A453D8C32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawl Busters\bin\PbLauncher.exe
FirewallRules: [{46D7DFC0-7DFB-42BE-8534-A8E6946F1ACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawl Busters\bin\PbLauncher.exe
FirewallRules: [{39712E6A-038B-40B8-B203-EFB5F9466FAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawl Busters\bin\pbclient.exe
FirewallRules: [{00BA03B3-7574-43EB-803F-692BA402CEAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawl Busters\bin\pbclient.exe
FirewallRules: [{02CEBF71-5E25-4344-AF92-A260CD0AF966}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\forsaken world\patcher.exe
FirewallRules: [{6301D86F-B25B-4EF0-835C-564A5B3BB3B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\forsaken world\patcher.exe
FirewallRules: [{E6CFC0D9-E27E-4B27-8DF7-15C79726A558}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\world of battles\release\launcher.exe
FirewallRules: [{894D5E02-4C71-4948-8632-AF303891DA4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\world of battles\release\launcher.exe
FirewallRules: [{FCBAC333-8C67-485F-94B7-7F101C5AE18A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DC Universe Online\LaunchPad.exe
FirewallRules: [{AC9BA9F8-A5A0-4265-8F32-859B007A4016}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DC Universe Online\LaunchPad.exe
FirewallRules: [{74DE19BD-01E2-4FE5-AA24-A3044993174A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\lord of the rings online\TurbineInvoker.exe
FirewallRules: [{8F291D38-7D58-4132-B5ED-628CC5B70E91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\lord of the rings online\TurbineInvoker.exe
FirewallRules: [{650C26DF-2491-4C68-9129-35D8F588D3BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\vslauncher.exe
FirewallRules: [{89F05E23-D1E8-4598-8FEE-A98DFD99D841}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\vslauncher.exe
FirewallRules: [{123820B0-7B41-4959-AA23-6E3088A849CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\cthulhu saves the world\CSTW.exe
FirewallRules: [{A84E2BE2-CE35-4448-A64F-7D7B5069E04E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\cthulhu saves the world\CSTW.exe
FirewallRules: [{FE16E058-1CB5-4356-89F8-9E06C0B04AE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\breath of death vii\BoDVIIPC.exe
FirewallRules: [{56EF80CE-1188-475C-9A9A-6BE464F90832}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\breath of death vii\BoDVIIPC.exe
FirewallRules: [{748658F9-B86B-4492-863C-2454E4555495}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{1E06769E-54DA-4663-918E-DD105237C9F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\blacklightretribution\Blacklight Retribution.exe
FirewallRules: [{E3E84215-3EE9-4461-833D-058B6C0E5698}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{795A6C3E-FDAF-49C2-BFBD-BEABAD4982E9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{29FA4452-A4A2-4380-B2A5-C212263D6184}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{17210961-46F0-41B7-8E88-03BD5C657CB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{20D808B8-F87A-400D-A189-6202D197CE2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe
FirewallRules: [{37106DE1-E67D-4055-9135-BC871B5F3C0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe
FirewallRules: [{FC080E72-53E4-4949-9CC1-0FFC988F3305}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawl Busters\Launcher.exe
FirewallRules: [{1026B0DA-D5CE-4676-966C-16A48891DA0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawl Busters\Launcher.exe
FirewallRules: [{022DCAFE-F85F-4F77-97AC-A6EF68CCC183}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DFO\nxsteam.exe
FirewallRules: [{4A43A1D7-21BC-4625-A424-88633D2FDCEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DFO\nxsteam.exe
FirewallRules: [{818A5EF4-81C1-4024-8BDF-7A213B2F1B72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ys the oath in felghana\ysf_win_dx9.exe
FirewallRules: [{0D337062-28E9-4215-BB43-FAB0DA061745}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ys the oath in felghana\ysf_win_dx9.exe
FirewallRules: [{E5D3C7DC-207A-480D-9DC3-5BEAE99678D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ys the oath in felghana\config_dx9.exe
FirewallRules: [{6E0BEB30-775C-4F7A-B91E-9B7DF7F7A06E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ys the oath in felghana\config_dx9.exe
FirewallRules: [{639487A9-6394-41B3-BFEA-47D3F7E6C864}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ys the oath in felghana\ysf_win.exe
FirewallRules: [{D8590958-047F-48A2-B103-A7F5C0DE6F32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ys the oath in felghana\ysf_win.exe
FirewallRules: [{696BB05F-FDF7-49AC-B3C2-585BB906E31D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ys the oath in felghana\config.exe
FirewallRules: [{16BBC8EE-2395-4350-9D52-C2DE577D97AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ys the oath in felghana\config.exe
FirewallRules: [{FB09A666-AF4E-4396-BD49-D3C69EF1ECA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ys origin\yso_win.exe
FirewallRules: [{FF739C37-5C3E-4CEB-A55B-A367AA44C2FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ys origin\yso_win.exe
FirewallRules: [{97D5F0E1-DB22-4503-9B58-2C5F079747C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ys origin\config.exe
FirewallRules: [{AB2AA600-4845-45B5-B6E2-69BD0894B2F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ys origin\config.exe
FirewallRules: [{45D8D4A6-6689-4790-BFAE-01F1A5199652}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{6949129B-C44D-46FD-9D7C-1185F19555D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{6FA3876F-CEA8-45B2-AFB4-D2397E1C54E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\trine\trine_launcher.exe
FirewallRules: [{588C8ECF-2B50-45A3-ABCB-856766A848A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\trine\trine_launcher.exe
FirewallRules: [{5C369816-1403-4451-91F5-D0E266BE0921}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{38E94FDF-9EDA-4F99-A307-B0FB9B2EAFCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{B078A1F6-D20E-429C-9D2B-848BDF005BF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeon siege 1\DungeonSiege.exe
FirewallRules: [{58CD9CD0-1BAC-4569-A836-1A2DBAC7B1B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeon siege 1\DungeonSiege.exe
FirewallRules: [{9435B5C9-E4E4-4015-A134-1E1397EDCF79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeon siege 2\DungeonSiege2.exe
FirewallRules: [{6D1F8228-2A30-44CF-9A36-C02A2FF97862}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeon siege 2\DungeonSiege2.exe
FirewallRules: [{0CF7AEAD-4BA5-4F65-BA5D-C500986220CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeon siege iii\Dungeon Siege III.exe
FirewallRules: [{8B916B9E-EC5E-4D3F-B065-249DDD5860B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeon siege iii\Dungeon Siege III.exe
FirewallRules: [{426DDC65-27C8-438D-9FE1-13F307A06B16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{DC645974-554D-49C5-B1A2-9BAFE70C4E9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{A9CFEDAC-D8F7-4B21-A03A-B3D4094C940F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{72933B38-4168-4839-A1E9-EA37F7FC95CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\torchlight\Torchlight.exe
FirewallRules: [{7BE4432B-853B-4299-82B7-486CD0664B9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{68982FC7-BAEF-423F-9EC5-B5C50B3BD25C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{D887D95D-A5C4-4FEA-9354-932F3A094028}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{0F83E403-C0C5-4491-9E9C-924A2AC6782D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{CE991272-9A58-4C99-B6EB-16E82341CC0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{C3E4A3EB-3D1D-4762-936E-E866C513BC38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{B2338B9D-DDE2-49D8-B439-803A416B4639}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chantelise\chantelise.exe
FirewallRules: [{B14042C6-DF1F-4E34-ACC6-B4FA4792C2D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chantelise\chantelise.exe
FirewallRules: [{92565698-8055-4B24-A7E6-7FE156CE9FE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chantelise\custom.exe
FirewallRules: [{F9C77F4C-F762-4146-BF8A-B1B49E9324A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chantelise\custom.exe
FirewallRules: [{39A057D7-3B16-4608-9A3E-E06B86280076}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\fortune summoners\sotes.exe
FirewallRules: [{40CC67DA-1026-4014-84FD-01BFFB5B8787}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\fortune summoners\sotes.exe
FirewallRules: [{68D47FE1-F522-4AFB-8755-EF05B7E6CBE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dead space 2\deadspace2.exe
FirewallRules: [{3CF0009C-E8F6-4583-9606-E7748ADD8375}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dead space 2\deadspace2.exe
FirewallRules: [{A0A572A3-50DE-40A3-BE52-8BFFEB27E4C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dead space 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{EBC88772-1E53-437A-83CA-79B853E45F49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dead space 2\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{E17DFA7F-27C6-42C1-99C4-55C54AA82939}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tobe's vertical adventure\Tobe's Vertical Adventure.exe
FirewallRules: [{05389869-04ED-425D-8EE2-5EE3C0489040}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\tobe's vertical adventure\Tobe's Vertical Adventure.exe
FirewallRules: [{72117DC3-D34B-4947-B13C-7FCCFFC747C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\legend of fae\legend_of_fae.exe
FirewallRules: [{31534648-37E4-44C1-B5DB-352BE1297A9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\legend of fae\legend_of_fae.exe
FirewallRules: [{BA1DDD90-70EC-424C-B2C8-8CEAF9C5A24F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sniper ghost warrior\Sniper_x86.exe
FirewallRules: [{EFCE18C7-72B1-47D0-A5B3-B1E9EE2B1285}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\sniper ghost warrior\Sniper_x86.exe
FirewallRules: [{801A4A0B-34FC-42D6-A769-83E1C87C07DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\fallout new vegas\FalloutNVLauncher.exe
FirewallRules: [{ECC23C5D-FED8-4FCC-8015-535824BBED54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\fallout new vegas\FalloutNVLauncher.exe
FirewallRules: [{A6668928-F2FE-488B-82C8-140791EE46F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\world of goo\WorldOfGoo.exe
FirewallRules: [{991E6FB0-15BD-4E53-88AC-90CD5ABE2D2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\world of goo\WorldOfGoo.exe
FirewallRules: [{D8F84EA5-36E7-45C8-AB3E-D8834BD3C62D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\legend of grimrock\grimrock.exe
FirewallRules: [{D322170F-097C-4703-846F-A76E6B08DC7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\legend of grimrock\grimrock.exe
FirewallRules: [{C8929762-3C2C-4FED-81A8-62B642B31F57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{0FB06832-FC8E-40B1-A85F-5B911B3B1D87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{3A26F0EB-678E-4C93-9F6A-69E63E0A2BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Adventures Of Shuggy\Shuggy.exe
FirewallRules: [{9CE17655-EA77-4FDA-90E5-40BEB7C3F7AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Adventures Of Shuggy\Shuggy.exe
FirewallRules: [{19D2F5D6-FD23-4208-87A7-93A487C4EC0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Precipice Of Darkness 3\Rainslick3.exe
FirewallRules: [{E353D830-184C-490B-9E19-D9B3F72B6DC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Precipice Of Darkness 3\Rainslick3.exe
FirewallRules: [{0F37945F-5A95-4855-9497-1E1DB1DFEC6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeon siege iii\Dungeon Siege III.exe
FirewallRules: [{A22CB92E-850E-4E9A-B9AD-947D70AC6313}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dungeon siege iii\Dungeon Siege III.exe
FirewallRules: [{C45F8AEC-AB12-4FA7-BE4E-117EB18EA24C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{CFEF898B-7179-4E85-B7EC-31F47C5B1753}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5316FED3-CEBA-4868-A235-970610B1B49C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8B659B95-4262-4CE2-AF5E-379709CC7296}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7FA93FCE-CEFC-4C94-8390-F72833BE8056}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C077E105-8F72-4228-8FE8-D025D17035C6}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{F71F328D-BE4A-405B-A83E-F67CBA84DC37}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{C50A930A-A44A-44A2-B71C-3EB940E25B08}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{FD66619C-1CF3-4374-BDA4-14953CC5CCF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\recettear\recettear.exe
FirewallRules: [{FD845E13-2838-4B0B-9F10-D86DF0F0C96C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\recettear\recettear.exe
FirewallRules: [{03C634C8-33C4-4C86-86B5-61ADB0BACADA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\recettear\custom.exe
FirewallRules: [{D68F1B9B-37ED-4EBF-A217-46D97BF597B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\recettear\custom.exe
FirewallRules: [{A7D07D31-0C8F-4B5F-8A5B-9ED708654C03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{0BAB6C79-2A91-4E57-AE05-58C339471AB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{A66AC1C0-88A5-4055-8B15-0BA8E033568A}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{BE1A1CAD-F31B-4F1F-9617-FCDEDEDC5185}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{E382FF7E-2417-4CEA-9308-8ED56C09DBC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{4B236E15-BD6E-438D-92B2-D1CC1588AB56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{5508127A-8A35-44E5-9EDC-37A5BBEAD4AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{E7B1AF0A-4CE3-406A-B385-AC8CB54BA498}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{8133143F-E51E-4ADF-B496-CD430BCB42CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Adventures Of Shuggy\Shuggy.exe
FirewallRules: [{A845A435-7CB6-4D67-9927-A618586DD130}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Adventures Of Shuggy\Shuggy.exe
FirewallRules: [{6564987B-F323-4762-9E34-8952AF96B27D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Precipice Of Darkness 3\Rainslick3.exe
FirewallRules: [{90E65371-DC58-4AFF-B6F0-0E221EC63A0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Precipice Of Darkness 3\Rainslick3.exe
FirewallRules: [{322407BB-3217-4F55-98BB-8486A044408D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DFO\nxsteam.exe
FirewallRules: [{D957C41C-6F11-4F64-B9F4-60A722797F3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DFO\nxsteam.exe
FirewallRules: [{A077EAB8-852D-4689-8F78-DC531D1EA9A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{3D12E34E-1E75-4AC9-A281-82AE815F44C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{10D9BFD8-9859-48F6-80E7-FBE3C2212302}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{9B2E6DC1-80B8-4DFE-8FEC-EA00B152F516}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{FB22343C-0D31-44A9-BBDA-26F879C6254C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3E44F53E-F980-4C4D-A978-ADB5AD429DD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\DragonNest.exe
FirewallRules: [{BA310BFE-12A7-4AB2-BA3A-8FDC77D258E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\DragonNest.exe
FirewallRules: [{C6FE7CC4-B1F0-4093-9949-D0CFBD4D3882}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\themonsterslayer\distro\Garshasp.exe
FirewallRules: [{F780672E-3D64-4A60-B119-FBAFF022A205}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\themonsterslayer\distro\Garshasp.exe
FirewallRules: [{7BA39971-30CB-4EB4-B315-4A151D296049}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\themonsterslayer\distro\GarshaspConfig.exe
FirewallRules: [{ACDE37F7-E41E-452D-965F-13D0B317F5D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\themonsterslayer\distro\GarshaspConfig.exe
FirewallRules: [{7335EC36-D186-40B6-9886-586795F23717}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{9A7D6453-D3D8-4E3D-96B0-9C94B9799B89}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{08E38287-4068-4A28-A0A3-7989026F5050}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\vslauncher.exe
FirewallRules: [{9298F772-0C8F-41A8-A7D9-B3740EA42805}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\vslauncher.exe
FirewallRules: [{F6AC85ED-8C31-46DF-A7B1-734ABD018B2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MapleStory\nxsteam.exe
FirewallRules: [{C1AE2BE2-BF5B-4682-9D50-247BBBA1EE34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MapleStory\nxsteam.exe
FirewallRules: [{9B861D75-1D48-42BD-9F06-194DDEB16999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{A5792C65-32DC-4D21-9D6F-9D616135B5B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{92EB79EB-B490-4630-A677-C4B35CAA55B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe
FirewallRules: [{F30C7608-8B8F-427C-AE41-D5706FA08827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\spiral knights\java_vm\bin\javaw.exe
FirewallRules: [{6250F55B-416B-4947-986D-3C828F0EEA96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{4ED0412F-BDD2-4A28-947E-4927DC0CE739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{E6E0C0D2-0A82-40AB-A3D4-600A8C9A62E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\Dnlauncher.exe
FirewallRules: [{4C1ECB49-7835-4512-B2F5-7599264C3470}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\Dnlauncher.exe
FirewallRules: [{1BDDE57C-5557-4FAF-B21C-64DEA5F58348}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{FAFF86CA-C552-44C2-B433-854CDCB6AC10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{789080A9-263F-44AC-9B2B-CA781BFBC2F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{66E39B76-6418-4295-A366-8D184D2A6567}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{2199D969-2F51-4D6B-8951-A8C170145DF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{862841ED-E253-47C4-914B-C6983BD1FF94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{671CE847-DA2B-4072-9370-DB968494AFDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{574FEDB2-011C-4D64-AFA0-9A7992DCAF2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{99D8D8B4-09CD-4A3D-AF81-7708341D0763}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{E48248BB-617A-43F3-86D8-C86047711312}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Little Inferno Beta\Little Inferno.exe
FirewallRules: [{1BA3B6A3-48FD-43C3-AF22-A6F08E6CA506}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F26F7E34-5A55-4268-A7B0-AABB03726144}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EE53F390-70FE-41DE-808A-1B8500612F8B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{1E2B3ABE-B774-40A1-9D12-59020F011B35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{C34AF57F-CCDD-4331-A875-73207E15BA02}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [{4F1B65E7-D610-4F2D-B18D-C03D47B2502D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [{273678A2-3589-4259-BA36-F7A90BDAD6EA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wizorb\Wizorb.exe
FirewallRules: [{DF2DFED8-053E-4FFE-8A8D-DBB508BAB111}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Wizorb\Wizorb.exe
FirewallRules: [{28CAEDF9-9E42-4656-B586-D66FED4547E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{EBFF9697-C7C9-43EA-8AE0-704805AF3527}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{37036A09-DC38-4288-A992-EBB342157AB2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half Minute Hero\HMH.exe
FirewallRules: [{8F20317E-6EC3-436B-8A9A-BB58A5170CBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half Minute Hero\HMH.exe
FirewallRules: [{8A73199C-EB8B-4268-A2C1-A9FE7F815A2C}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{039B1292-294A-4933-9A60-E7DB46880055}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{F1F0A6C3-9AE9-462B-AA18-437D5728695F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ys I\ys1plus.exe
FirewallRules: [{B990F68C-E322-4346-A458-E9986A955024}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ys I\ys1plus.exe
FirewallRules: [{63E7CE78-B188-4228-80F8-60E3DEA6D632}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ys I\config.exe
FirewallRules: [{6D27448E-7857-4382-BC92-42DB5345F603}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ys I\config.exe
FirewallRules: [{D875C61A-A5F5-4F4D-B3EC-459D030A9CEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{349DF346-3A9A-48DB-94F3-B46DCDB084C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{C783C39E-5B79-4726-9DC9-534B79D7807A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{760E81ED-D3AF-4A4F-8609-7024FFD8B5D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{A2432D80-3476-4519-A031-81B1E4DD60B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{D13A0067-E9CF-41AA-8686-71AE9E78A840}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{42DEA92E-588E-434A-AFB6-E768D2DDDB19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Street Fighter X Tekken\SFTK.exe
FirewallRules: [{04298423-A251-4548-9987-4707C274169E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Street Fighter X Tekken\SFTK.exe
FirewallRules: [{DE486ADC-A99C-4E73-B363-0D98B045B573}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{D6D2D3AD-D3B6-497C-91B1-490C877B21D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{86F03D2B-1022-413E-9150-683BF25D693A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F14932D0-3CDC-4E3A-B330-234F6118095F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7DDAE8D1-5712-4B39-B0CA-472B36485817}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3D53AFE4-8865-4FE3-BC54-0E547D2DD5B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E1D1EAC4-9C92-4D1E-8612-C0A4504DA247}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{96D5B6B4-7BD0-46E0-B6FC-1E41C088E440}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [TCP Query User{429F1170-674F-4B82-A31F-D0B467C05E17}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{3B3AA35B-8048-4EED-8762-544EC3498CE0}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{146B72EE-2927-417C-90AB-C303AF7AC414}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{8438454B-C896-4E9B-80E4-2FFC21CBB377}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{37163AAD-A462-414E-9712-04DDC985D4DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{75BA5545-264C-4BBF-945E-46ED6F01B948}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{B98C323D-9A18-4525-94DB-C7148C1F3A6A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [{C9465887-37EE-4BB2-AF8F-D6CAD83F6374}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [{0A197FC1-F1F4-4C47-828E-5D90B9D38571}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{1E07095D-DF42-4C84-B067-77338286AE0E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{90EB4CAD-586E-4248-8614-433E6EB93731}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9DC5554D-4D50-45A6-9A74-E712DD3901A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{6FC0A313-C9E9-4629-9DF4-B64AF46BE05A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{9A88947B-EF5C-4AA5-8CA7-7A496946512E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{D6CFD8CF-046A-42F0-8AAE-019AA6371ADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [{D7318243-00DA-4AD2-A5D0-01112E4E0F08}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [{F0A77920-32DD-491B-B0DE-FEEB135EE8A7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{E579DD52-4F1C-43C3-83AE-BAE47F92B4BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{1754D79B-AAAB-4E70-8B74-77C02840966F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{81A6FBED-4544-4A3F-B78D-136CC07B800F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{5C4AE01F-1991-4597-B13A-9BA6422AB8EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Epic Battle Fantasy 4\EBF4.exe
FirewallRules: [{061E3835-2776-48BC-A34C-4DA4F6148461}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Epic Battle Fantasy 4\EBF4.exe
FirewallRules: [{F08D3912-47C6-4B55-97D6-4A9F37AED4B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\La-Mulana\LaMulanaWin.exe
FirewallRules: [{09FEB3CF-8792-42FF-8BAE-072D1EEE7E73}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\La-Mulana\LaMulanaWin.exe
FirewallRules: [{CA505DB1-C08C-495C-A3DC-5DF63A003B10}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\100 Orange Juice\100orange.exe
FirewallRules: [{FC4CEE46-C018-4A46-9625-6D540F922FB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\100 Orange Juice\100orange.exe
FirewallRules: [{74AAFD06-84AE-4CBC-88BE-403FA29C3A2F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LongLiveTheQueen\LongLiveTheQueen.exe
FirewallRules: [{7E0A06EE-4CA1-4C91-86A5-541AA38382F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LongLiveTheQueen\LongLiveTheQueen.exe
FirewallRules: [{70C255CA-9CB8-4155-8729-47087FB1B4E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\One Way Heroics\Game.exe
FirewallRules: [{88EE7237-0890-484C-8C0A-3B2AAC6F64B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\One Way Heroics\Game.exe
FirewallRules: [{10432573-8AF9-42C0-9D80-0960FEFB7F8F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\One Way Heroics\Config.exe
FirewallRules: [{C1EDCC35-D6C9-45D3-859B-14B1E0774971}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\One Way Heroics\Config.exe
FirewallRules: [{BE3C7B84-559D-4A6A-B428-EA07A1B67652}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\QuestofDungeons\QuestofDungeons.exe
FirewallRules: [{C9BC3FB7-BC54-4BD6-9AA5-780439FA6829}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\QuestofDungeons\QuestofDungeons.exe
FirewallRules: [{BFF9DA9B-D5E3-492D-93A3-53A7A5940A0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{BA46D0B3-BD5D-48BE-8422-8ACDB3105537}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{7F9AE464-C38D-409D-BBA9-29D47C62DAF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{9348FB3E-6F3E-4395-859F-B5317C3CA6B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{7C68159A-B998-4999-A078-39D516FD6E13}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{569373C5-CC37-4F59-B764-6CDC31721BCF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4A4A9DF2-EB8B-4A48-A118-3A38FE842E3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{2C8086E0-8F46-4EC2-8ADE-959FF5DF2A62}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dust An Elysian Tail\DustAET.exe
FirewallRules: [{D7D055EA-E733-4B68-9AAD-A07CDD37C3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FullMojoRampage\FullMojo.exe
FirewallRules: [{1FD089CA-CB70-43E4-AF8E-78F88C59004D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FullMojoRampage\FullMojo.exe
FirewallRules: [{33CC2386-EEB3-4A52-9B4C-12A80A2DBC99}] => (Allow) D:\SteamLibrary\steamapps\common\Dynasty Warriors 8\Launch.exe
FirewallRules: [{07C8FA2D-8450-402F-A847-7ED764D848C9}] => (Allow) D:\SteamLibrary\steamapps\common\Dynasty Warriors 8\Launch.exe
FirewallRules: [{CE663279-265D-4D7B-9B1A-7089DFBE4B56}] => (Allow) D:\SteamLibrary\steamapps\common\Dynasty Warriors 8\Config.exe
FirewallRules: [{9E779FC1-F2D4-4E05-A0E4-0AFA6725C1CB}] => (Allow) D:\SteamLibrary\steamapps\common\Dynasty Warriors 8\Config.exe
FirewallRules: [{4678DC0D-8DAE-4CEF-A064-E58738FA8570}] => (Allow) D:\SteamLibrary\steamapps\common\DefendersQuest\DefendersQuest.exe
FirewallRules: [{BFD40049-75F6-44CB-A661-8FF842EA3CF1}] => (Allow) D:\SteamLibrary\steamapps\common\DefendersQuest\DefendersQuest.exe
FirewallRules: [{E9E29595-C361-47A6-A7E1-8A58055C8CA4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{E191C35A-DE27-4DFE-98C6-DDB7458090E5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{EA25E335-47E1-4BE2-A730-3027FE3F80CB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{ABA2F14A-6B15-4831-A549-80CD33FBCA8E}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{42B83236-7F48-4F57-BCF7-1043C58EB7E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BEEDECA6-91AB-4377-8A29-54EA0D1B7BDE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{47C296DF-6BDE-4D05-86AA-0D0BD5E4C78B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7A70B529-BC62-4BC2-BE73-33DDBE54440D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{74084D59-EB7B-44D8-9748-99D61A78BAF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{67A96914-C163-424D-80B4-0CE81F0ECE1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{61040EFE-C15A-4356-98B3-6A66DE4667E7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{FE815DE7-BE7B-48C5-8319-0020DF4516AD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{D2EAED11-63EC-41AF-8D47-1147895CF1C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{7C17938A-718C-4F7A-95C6-FD325EEF0376}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{6FD31A51-3586-450A-A820-C3FA0D86A99B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\King of Fighters XIII\kofxiii.exe
FirewallRules: [{5D3F8DF1-D30B-4F78-83EF-E3C3C54E808B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\King of Fighters XIII\kofxiii.exe
FirewallRules: [{6038EF42-4504-4734-B3DA-BA679C4BDEB5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{03A0C306-2F42-4A43-A7BB-251BF541955A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C9B81E44-96C7-4A23-8AA2-29B5E3FB1BFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{BBD0E100-1407-4EE3-BE49-FF29A0345E63}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{10D58D1B-F4D4-4AF6-90D9-8BDAC722DEE1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{0C953C99-C020-4BF2-ADBF-97C7D37F45A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{0928887E-5496-4867-B1B5-21265EF55309}C:\users\james\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\james\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F721465C-8304-4A09-8ADF-89D73C8FA88D}C:\users\james\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\james\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3410D168-4C4F-48A1-8ED2-FAA0AFC5F545}] => (Allow) D:\SteamLibrary\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{1AA03533-31B5-46A6-B265-FD9C8087F1BF}] => (Allow) D:\SteamLibrary\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe
FirewallRules: [{3800CE50-A2FA-46CD-BCDF-3075BE27721E}] => (Allow) D:\SteamLibrary\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{CF67D0B1-D7AE-4E95-8E00-AB6CCDF33004}] => (Allow) D:\SteamLibrary\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe
FirewallRules: [{B71FA803-4D50-4D4D-A1B2-8AAAD49758AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{F04D15A4-4C79-4708-9579-FC86DE9F70E5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{2A3B2A61-330E-4C15-B4DF-0E3C5BB7A576}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{BC27CBFA-12B8-4061-A2DA-A1E6FA5E8CE1}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{DD70EB2A-9B35-4B4C-A1FB-BC32D1EDBEE8}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{50805158-D2B9-4374-B3D8-7152ED903A4F}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [TCP Query User{41128969-B146-49CA-A33F-AB188C42C96A}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{AF5B1B59-FB25-4A4F-87C5-97831C191357}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{CD5E500D-E63C-4CFA-96C1-47D7C40D564D}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{1A5DC4E7-1F09-4765-99D1-32556A3E7A3B}] => (Block) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{5CC2BBEE-4BB8-4337-86EF-90ADA0041DBA}] => (Allow) D:\SteamLibrary\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe
FirewallRules: [{5DEB0B18-40F4-4ACB-99E9-33FB97609415}] => (Allow) D:\SteamLibrary\steamapps\common\CastlevaniaLoS\bin\CastlevaniaLoSUE.exe
FirewallRules: [{49771F66-B075-4917-832F-4A44B18393F9}] => (Allow) D:\SteamLibrary\steamapps\common\Castlevania Lords of Shadow 2\bin\CLOS2.exe
FirewallRules: [{E76607D0-3070-48E9-9E03-E80079AA1D73}] => (Allow) D:\SteamLibrary\steamapps\common\Castlevania Lords of Shadow 2\bin\CLOS2.exe
FirewallRules: [{80AA1AD9-CF23-4FB5-86A7-B916E4BDE91D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{5B4E0FE3-8B1F-4B57-9F94-30C056838C01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{9F8F9E9C-6A97-4572-8988-D13137D324B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{93C82AAF-6592-4A40-A4D8-AA870F19AD7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{4D42DF03-8086-41C0-9E51-956ADB1CE92F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{C73E8DDE-E0C5-4E51-A4C9-4CB395F0E40A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{47CD0808-B50A-4271-B11F-A925B81529F1}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{B689BD12-D007-48D0-B1DE-848216787CB4}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{8A09F2E9-6C47-4D38-A122-52A8CABFFCFF}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{59D1CE0A-7E3B-4587-9DBA-31A5F7E952CA}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{796A65C8-1184-453E-BF62-63D982C9DC4A}] => (Block) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{796AC5E7-4AF3-432F-BAF9-53B6CA483FCA}] => (Block) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{E1348EB8-B44F-4DB1-A8F5-9730F322B331}] => (Allow) D:\SteamLibrary\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{A9313708-34C6-4403-B647-C43E6C0A2ED0}] => (Allow) D:\SteamLibrary\steamapps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [TCP Query User{7586D32D-C105-41A0-8FAA-543F852BE08B}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{9BFFC58A-27CB-422C-93A1-BD55812E42BC}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{B88AA113-2C9D-4B2E-9869-032D1BF65C23}] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{06AB8840-FFFB-4D23-AB3F-7AB44B902568}] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{EF97FD28-D9DF-49A3-B274-25532FDA3CE1}C:\users\james\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\james\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3C0D6C5D-D2C2-41DE-B028-AA6FAE2EBF4E}C:\users\james\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\james\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9F34CEE2-B3E2-4A27-8EB9-0077DE29A49D}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5E535EF7-7926-417C-9C76-0742559E7126}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{9B452B54-414B-4A5F-B58C-859D4094107C}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{BB794D35-1DEA-43BC-A39E-CD09216AAF45}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{B9D2A6FE-C159-4E18-9BC5-F9AE60C31889}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{A6640595-902B-4C1D-925F-836FF949D05E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{507B59DF-46A9-45F8-8872-73553EE93F5D}] => (Allow) D:\SteamLibrary\steamapps\common\Strider\Strider.exe
FirewallRules: [{2F5F32D2-6340-4365-9C46-73815E4AF958}] => (Allow) D:\SteamLibrary\steamapps\common\Strider\Strider.exe
FirewallRules: [{F5A2CC72-D258-419F-B7A2-790BBCF01074}] => (Block) %SystemRoot%\System32\dllhost.exe
FirewallRules: [{5C6C9A13-6EC0-4949-82AF-642BDE9602F5}] => (Block) %SystemRoot%\System32\svchost.exe
FirewallRules: [{91E4AB40-569A-488F-B170-B9AB0CC78FF6}] => (Block) %SystemRoot%\System32\dllhost.exe
FirewallRules: [{DB0A4C22-8CA0-4CD0-839E-0793E4AE2B55}] => (Block) %SystemRoot%\System32\svchost.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/20/2015 04:31:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 39.0.0.5659 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: dd8

Start Time: 01d0c2c003b1bd50

Termination Time: 0

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: b712a15c-2eb9-11e5-af3c-5cf9dd407dc6

Error: (07/20/2015 04:14:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvNetworkService.exe, version: 2.1.0.48, time stamp: 0x5473d867
Faulting module name: NvNetworkService.exe, version: 2.1.0.48, time stamp: 0x5473d867
Exception code: 0xc0000005
Fault offset: 0x000a87d6
Faulting process id: 0x131c
Faulting application start time: 0xNvNetworkService.exe0
Faulting application path: NvNetworkService.exe1
Faulting module path: NvNetworkService.exe2
Report Id: NvNetworkService.exe3

Error: (07/20/2015 04:14:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvNetworkService.exe, version: 2.1.0.48, time stamp: 0x5473d867
Faulting module name: NvNetworkService.exe, version: 2.1.0.48, time stamp: 0x5473d867
Exception code: 0xc0000005
Fault offset: 0x000a87d6
Faulting process id: 0xc48
Faulting application start time: 0xNvNetworkService.exe0
Faulting application path: NvNetworkService.exe1
Faulting module path: NvNetworkService.exe2
Report Id: NvNetworkService.exe3

Error: (07/20/2015 03:44:59 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (07/20/2015 03:35:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NSDownloader.exe, version: 5.1.0.83, time stamp: 0x5565f11f
Faulting module name: NSDownloader.exe, version: 5.1.0.83, time stamp: 0x5565f11f
Exception code: 0x40000015
Fault offset: 0x001c3b42
Faulting process id: 0x1348
Faulting application start time: 0xNSDownloader.exe0
Faulting application path: NSDownloader.exe1
Faulting module path: NSDownloader.exe2
Report Id: NSDownloader.exe3

Error: (07/20/2015 03:34:59 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (07/20/2015 03:34:59 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: exception in main loop CoCreateInstance failed : HR: 0x80040154 ErrorCode: 0x0

Error: (07/20/2015 03:34:59 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}

Error: (07/20/2015 03:34:59 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: Product {90140011-0066-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Error: (07/20/2015 03:34:59 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}


System errors:
=============
Error: (07/20/2015 04:14:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly. It has done this 3 time(s).

Error: (07/20/2015 04:14:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly. It has done this 2 time(s).

Error: (07/20/2015 03:49:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/20/2015 03:49:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (07/20/2015 03:49:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/20/2015 03:49:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (07/20/2015 03:49:16 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/20/2015 03:49:16 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/20/2015 03:49:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/20/2015 03:49:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535


Microsoft Office:
=========================
Error: (07/20/2015 04:31:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe39.0.0.5659dd801d0c2c003b1bd500C:\Program Files (x86)\Mozilla Firefox\firefox.exeb712a15c-2eb9-11e5-af3c-5cf9dd407dc6

Error: (07/20/2015 04:14:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvNetworkService.exe2.1.0.485473d867NvNetworkService.exe2.1.0.485473d867c0000005000a87d6131c01d0c2c41b09e5ccC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe58cd3cfb-2eb7-11e5-af3c-5cf9dd407dc6

Error: (07/20/2015 04:14:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvNetworkService.exe2.1.0.485473d867NvNetworkService.exe2.1.0.485473d867c0000005000a87d6c4801d0c2c416195458C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exeC:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe55462be2-2eb7-11e5-af3c-5cf9dd407dc6

Error: (07/20/2015 03:44:59 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (07/20/2015 03:35:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NSDownloader.exe5.1.0.835565f11fNSDownloader.exe5.1.0.835565f11f40000015001c3b42134801d0c2be9a084f81C:\Users\Public\Downloads\Norton\{NSTW2250124-SHPD-FSD51083}\NSDownloader.exeC:\Users\Public\Downloads\Norton\{NSTW2250124-SHPD-FSD51083}\NSDownloader.exee66f1f97-2eb1-11e5-af3c-5cf9dd407dc6

Error: (07/20/2015 03:34:59 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (07/20/2015 03:34:59 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: exception in main loop CoCreateInstance failed : HR: 0x80040154 ErrorCode: 0x0

Error: (07/20/2015 03:34:59 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}

Error: (07/20/2015 03:34:59 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: Product {90140011-0066-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Error: (07/20/2015 03:34:59 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 31%
Total physical RAM: 8086.17 MB
Available physical RAM: 5540.72 MB
Total Virtual: 16170.52 MB
Available Virtual: 13329.76 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:446.13 GB) (Free:46.38 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:358.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=446.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9BA529C3)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of log ============================

 

[TwinHeadedEagle]

Scan with Malwarebytes' Anti-Malware

Please re-run

Malwarebytes' Anti-Malware.

• First of all, select update.
• Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
• In the same tab, under PUP and PUM detections make sure it is set to Treat detections as malware.
• Click the Scan tab, choose Threat Scan is checked and click Scan Now.
• If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
• Upon completion of the scan (or after the reboot), click the History tab.
• Click Application Logs and double-click the newest Scan Log.
• At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.

Scan with ComboFix

This is a very powerful tool that should be used only if advised by Malware Analyst.
Do not run ComboFix on your own!

Referring to this instruction, please download ComboFix by sUBs and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
• Accept the disclaimer and agree if prompted to install Recovery Console.
• Do not take any actions while ComboFix goes through your System - it may cause it to stall!
• This scan may take some time!
• When finished - it will display a logfile (located also on your main drive, usually C:\ComboFix.txt).

Include that log in your next reply.

If you'll encounter any issues with internet connection after running ComboFix, please visit this link.

If an error about operation on the key marked for deletion will appear after running the tool, please reboot your machine.

 

[James54]

I ran the malware bytes but it kept shutting down b4 i could save the logs and then combo fix ran and found stuff and altered it heres the logs for combofix im running malwarebytes again and should be able to save the log now. When i show proccesses for all users i still find the svchost.exe 20+ and conhost.exe x 5. Still cant use upload a file but can drag and drop it into browser now.

 

[James54]

Nothing's changed but I also noticed in taskmangaer that dllhost.exe conhost.exe svchost.exe csrss.exe nvvsvc.exe wmpnetwk.exe are all running multiply instances and using network system and host processess and wuauclt.exe will start then disappear as windows host and windows updates. for 5 secs then disappearr. I will post the malwarebytes log now. I still can't get into unistall program in windows and most windows related controls.

 

[James54]

When combofix ran early today it found that System file c:\Windows\SysWoW64\userinit.exe was infected does this mean my whole system got infected now?

 

[TwinHeadedEagle]

Having multiple processes with the same name is normal. Please uncheck show processes from all users within task manager.

PC seems clean, how is it behaving now?

 

[James54]

It's behaving the same as before I can't open uninstall programs or windows firewall. dllhost.exe x 40 in taskmanager without show all processes from all users checked.Seems like new ones pop up anytime I click on something that doesn't work or is unresponsive.Many things trigger this.

 

[James54]

My audio does not work and my nvidia geforce experience will never open just error codes ontop of the above stuff.

 

[TwinHeadedEagle]

Yes, I've spotted this.


Use the Windows Error Checking utility (Check Disk), with the options to fix file system errors and scan the disk surface for errors, attempt recovery of data and repair the disk:

• Click the "Windows Orb" Start button, then click Computer.
• Right-click on the drive that you wish to check > Properties > Tools tab
• In the "Error checking" section, click on Check now.
• Place a checkmark in both boxes > Start.
• If the disk you have chosen is the Windows system disk:
• A message will notify you that a restart is necessary ask "Do you want to check for hard disk errors the next time you start your computer?".
• Click Schedule disk check > OK and close all windows.
• Re-start the computer. The disk will be checked when the system boots.
• This will take some time to run and at times may appear stalled but just let it run.
• When the disk check is complete, the system will re-start automatically and load Windows.

A log of the disk check is recorded only if the scheduled re-start is used, and only for drives on the same HDD as the Operating System.
To open Event Viewer and view the log:

• Click the "Windows Orb" Start button -> type "eventvwr" without the quotes -> press the key.
• The Event Viewer window will open.
• In the left pane, expand "Windows Logs" and then click on Application.
• In the right pane, at the top, click on the column heading Source to sort the list alphabetically.
• Look in the Source column for "Wininit", with an entry corresponding to the date and time of the disk check.
• Click on that Wininit entry to select it.
• On the top main menu, click Action > Copy > Copy Details as Text.
• Paste the contents into your next reply.

 

[James54]

When i try to run the check disk when it starts it says volume access denied adn then a message about due to recently installed software windos is unable to run dskchk and it's super fast like 5-10 secs so I can't really re iterate the entire statement do you know what is preventing me from doing the dskchk?

 

[James54]

Cannot open volume for direct access.
Autochk cannot run due to an error caused by a recently installed software package.
Use the system restore feature from the control panel to restore to a point prior to the recent software package instillation.
An unspecified error occurred (766f6c756d652e63 3f1)”
I found a driver and utilities for dell xps L702X is that the boot disk for my windows 7 laptop?
I will wait for your response to procceed

 

[James54]

I've tried to use chkdsk in safe mode with command prompt and still get that error after making it check the volume on restart and still get volume for direct access cannot be opened. It does say the Volume is clean tho. So im guessing theres two options left... using system restore points will this put the malware back on me tho...cause i removed alot of malwares and adwares and infected files. Then the last option is factor default restore basically reinstall it all but my utility disc only is window32 and i have windows 64 bit also. Still going to wait for your response you might know what to do. Your my only hope Twinheadedeagle

 

[TwinHeadedEagle]

Please open CMD and type this:

chkdsk C: /R

When you're asked, type Y and press Enter. Then restart your PC.

 

[James54]

Ive done this same error, I tried it in safe mode also, Will system restoring and trying it be the next step?

 

[James54]

Im holding off on using system restore to be able to use chkdsk because im afraid the restore points will bring back the infected files or w/e might be in the restore points. but wihtout doing that I dont think i can fix the windows files using chkdsk Which means the only option left to do safely would be a clean reinstall of windows but I lack the windows 7 operating disk I only have a Drivers and utilies Dell XPS disk. Im confused :X

 

[TwinHeadedEagle]

You have several restore points, so it is worth a try.