
Malwarebytes Premium blocking outbound from Firefox.exe and svchost.exe


WS50


My Malwarebytes has been popping up saying it's blocking access to outbound sites from both svchost.exe and Firefox.exe.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Adam (administrator) on TALI (20-09-2015 10:55:43)
Running from C:\Users\Adam\Desktop
Loaded Profiles: Adam (Available Profiles: Adam)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\n360.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Adam (2015-09-20 10:57:01)
Running from C:\Users\Adam\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-10-18 18:59:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Adam (S-1-5-21-1708661089-3344699614-197357334-1000 - Administrator - Enabled) => C:\Users\Adam
Administrator (S-1-5-21-1708661089-3344699614-197357334-500 - Administrator - Disabled)
Guest (S-1-5-21-1708661089-3344699614-197357334-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Premiere Elements 12 (HKLM\...\PremElem120) (Version: 12.1.0.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 12 (Version: 12.0 - Adobe Systems Incorporated) Hidden
Alliance4.7B (HKLM-x32\...\Alliance 4.7B_is1) (Version:  - )
Alliance6.02B (HKLM-x32\...\Alliance 6.02B_is1) (Version:  - )
Amazon Music (HKU\S-1-5-21-1708661089-3344699614-197357334-1000\...\Amazon Amazon Music) (Version: 3.10.1.1000 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
ComicRack v0.9.176 (HKLM\...\ComicRack) (Version: v0.9.176 - cYo Soft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Elevated Installer (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{44d9dfc0-3a4a-4439-870f-f97550a9bc8d}) (Version: 4.1.8.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kotor Tool (HKLM-x32\...\Kotor Tool) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
M4-78 Enhancement Project (HKLM-x32\...\The Sith Lords Restored Content Mod_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47CD-87CD-13E68B676E4F}) (Version: 1.2.20608.0 - Electronic Arts)
Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version:  - BioWare)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Graphics Driver 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
Phoenix Rising v1.2 (HKLM-x32\...\Phoenix Rising v1.2) (Version:  - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version:  - Telltale Games)
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version:  - Telltale Games)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal Stories: Mel (HKLM-x32\...\Steam App 317400) (Version:  - Prism Studios)
PRE12 STI 64Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 4.0.3.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Scribblenauts Unmasked (HKLM-x32\...\Steam App 249870) (Version:  - 5th Cell Media)
Seagate Drive Settings Installer (HKLM-x32\...\InstallShield_{91DDF870-EE18-44D8-9D93-F4C122B80908}) (Version: 1.00.0000 - Seagate Technologies LLC)
Seagate Drive Settings Installer (x32 Version: 1.00.0000 - Seagate Technologies LLC) Hidden
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
SOTE1.0B (HKLM-x32\...\SOTE 1.0B_is1) (Version:  - )
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version:  - Cryptic Studios)
Star Trek™: 25th Anniversary (HKLM-x32\...\Steam App 359650) (Version:  - )
Star Trek™: Judgment Rites (HKLM-x32\...\Steam App 364800) (Version:  - )
Star Trek™: Starfleet Academy (HKLM-x32\...\Steam App 364810) (Version:  - )
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Star Wars - Jedi Knight II: Jedi Outcast (HKLM-x32\...\Steam App 6030) (Version:  - Raven Software)
Star Wars - Jedi Knight: Mysteries of the Sith (HKLM-x32\...\Steam App 32390) (Version:  - LucasArts)
Star Wars Jedi Knight: Dark Forces II (HKLM-x32\...\Steam App 32380) (Version:  - LucasArts)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version:  - Raven Software)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version:  - Bioware/EA)
STAR WARS Tie Fighter 95 Compatibility Fix (HKLM\...\{e54a1223-e3e6-4c2f-84ba-02c5c1c57da1}.sdb) (Version:  - )
Star Wars X-Wing 95 Compatibility Fix (HKLM\...\{43b2876b-3e34-4e6e-ac3f-4da816b782e0}.sdb) (Version:  - )
Star Wars: Dark Forces (HKLM-x32\...\Steam App 32400) (Version:  - LucasArts)
Star Wars: Empire at War Gold (HKLM-x32\...\Steam App 32470) (Version:  - Petroglyph)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Star Wars: Knights of the Old Republic II (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
STAR WARS™: TIE Fighter Special Edition (HKLM-x32\...\Steam App 355250) (Version:  - Totally Games)
STAR WARS™: X-Wing Alliance™ (HKLM-x32\...\Steam App 361670) (Version:  - Totally Games)
STAR WARS™: X-Wing Special Edition (HKLM-x32\...\Steam App 354430) (Version:  - Lucasfim)
STAR WARS™: X-Wing vs. TIE Fighter (HKLM-x32\...\Steam App 361690) (Version:  - Totally Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Tesla Effect (HKLM-x32\...\Steam App 261510) (Version:  - Big Finish Games)
Tex Murphy: Mean Streets (HKLM-x32\...\Steam App 302330) (Version:  - Access Software)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Legend of Korra™ (HKLM-x32\...\Steam App 281690) (Version:  - Platinum Games)
TP-LINK TL-WN821N©_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC Setup Helper (HKLM-x32\...\VLC Setup Helper_is1) (Version:  - )
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.20 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.1 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

10-09-2015 18:35:34 Garmin Express
10-09-2015 18:38:59 Garmin Express
10-09-2015 21:40:02 Windows Update
15-09-2015 06:15:58 Garmin Express

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06F6B092-068E-44E3-94F3-523E7F1D26FE} - System32\Tasks\{4E48C060-30F9-41CD-9A6D-0061E0EAE8CB} => pcalua.exe -a C:\Users\Adam\Downloads\jxpiinstall.exe -d C:\Users\Adam\Downloads
Task: {0B48C143-DC82-47A2-A405-F0E78FBB0EDA} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {15B8BF02-E54C-44DD-9F35-EAD1EC27155C} - System32\Tasks\HPCeeScheduleForAdam => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {1EAD5AC2-420F-4F24-B922-CD5A752AF3EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-08-27] (Hewlett-Packard)
Task: {2DC78BED-F34C-4912-A743-F3CB94EDB18D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {315DA501-E26F-43D3-A85B-FEA466574D6A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {539F8A17-D94B-4882-9E7C-F245E67950AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {594E360A-3428-4BAD-A5CD-D3EF71A1BFE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-08-27] (Hewlett-Packard)
Task: {5DCE6777-9E50-448E-8CA6-7C33ECB22450} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-09-11] ()
Task: {857EA252-B343-4C53-A6C4-99FDDD2A5D91} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {8E48537F-280E-4CB3-8CCC-EDC9C45ADC66} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {9A2D067D-7DAC-4F12-853E-D61337192272} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {A2B207C9-6A1D-494E-AE81-A0793D01A807} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {BDD6AD23-25F2-4607-81A4-63FDF6C29142} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {DF705839-1DB5-4058-B26A-A0827381D61E} - System32\Tasks\AdobeAAMUpdater-1.0-tali-Adam => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {F940B9A5-093E-445D-A3C0-557A83D35898} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAdam.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (Whitelisted) ==============

2014-10-18 15:48 - 2015-05-11 23:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-31 19:31 - 2015-07-24 00:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-12 19:05 - 2015-08-12 19:05 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1708661089-3344699614-197357334-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF87A694-BEFA-4388-BB89-0C9C399E509F}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{53FB0A55-DB4D-4CE8-A938-975EF68DB735}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{B30AC3C4-985C-4724-B225-581EC9426369}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{51B3661E-D853-446B-B897-77EB80984C12}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{817F6E10-84C2-4481-9B57-A0326ADB7ABD}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{BD2539C6-DE9E-4633-B600-F8AF95C97CBA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{DF5DB5C0-2CCE-453C-B423-456F3AEBAA7E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{A47044B2-21AD-4EB6-8083-AB2618B072EB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{619C7022-DCFE-489D-9E5F-1C921C634B9E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{73CE9538-3A4E-4C01-8EEE-531CFD49160C}] => (Allow) LPort=2869
FirewallRules: [{D67F42B5-F545-4407-8F7C-EFB52D9E6F5F}] => (Allow) LPort=1900
FirewallRules: [{F043F43E-F805-4308-9EAF-75B2B6F14AE8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{CF8BB9CB-B359-423A-BF8F-983213803F19}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{BE5DFCF7-46E9-48E2-83FD-66FBACBEC62F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F28B75CE-E132-42B9-BDEA-587BC28317B0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EEFF840D-1182-4EC5-8FA7-C47379519937}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E573E022-10D6-4C7C-B2F0-DABCBBD5C3A9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{96D89795-2F45-4D64-9E3D-ACE9DB067D12}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8AF36474-C804-43AC-BD44-C2156C057CE4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D7FE7CC3-08BF-4675-ABFE-04A9896C2E8B}] => (Allow) C:\Users\Adam\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F0F8B796-4099-402F-B198-5C0BEC864816}] => (Allow) C:\Users\Adam\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4FC529AB-D513-415A-BE39-408669E5CEAD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tesla Effect\TeslaEffect.exe
FirewallRules: [{64F9E032-D9A1-4C13-863D-79C1EF15759B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tesla Effect\TeslaEffect.exe
FirewallRules: [{3F9C4D3B-B115-4A5F-93E2-0C4F40AFA9E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [{D68FCD77-D8EC-418C-A828-BFD59A304C7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Poker Night 2\PokerNight2.exe
FirewallRules: [{02F2BDC6-31B5-459A-BA56-E68999AC29F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{B1E275A6-B5BA-491C-88A0-817AC4497A67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Poker Night at the Inventory\CelebrityPoker.exe
FirewallRules: [{2D8875CD-253B-407B-9979-34F5EE169EDE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{FCD19100-344E-4122-AD8E-32237252DCAA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{778EBEE5-928B-4083-87CD-FE484C0CCE10}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{45407DA1-8F08-48D0-92AA-78075B32CFC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{DAABE156-9EB2-4B35-9793-4096B171541D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{4A0CE67A-7460-47C5-A4D4-7AA033530AD4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{1E1CDFA7-98D7-4771-8D43-D68A9FBE4F3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{CBEFC88E-E3ED-46AC-A9E5-91FE8BD936DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{C87E00EF-3EE4-47E3-AB8E-7FF2F13DC34C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{99DDB8B2-D6FD-459E-B1F9-296F0A060951}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{3F292004-FE31-4842-B4E4-D252A752A34E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{11382775-99B0-4E98-BD83-34414FD61105}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{FC38B6E5-0A34-40F7-88B1-4B4A549F5BFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{D399FF53-3DBB-4515-B377-BCDFB6A58621}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{093410B0-A07E-4A55-BAB5-305D30E816B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{F89EEBD7-0A4C-4678-8E15-FD428760324A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{46C76CBF-42D9-4CD4-AB81-6658CC288831}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Legend of Korra\LoK.exe
FirewallRules: [{43DA01AE-8BC4-47B6-A204-33B4C14C214A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Legend of Korra\LoK.exe
FirewallRules: [{E0E820E7-15AA-405B-96D6-3AFED8C58CB9}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{56D788F2-A8E6-4A4F-A907-766B50B796A2}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{F84B2F34-5B33-4839-9AEE-0FAF0589202D}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{248A60B5-1CDB-4F51-8729-23E53B09A21B}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{AC61C6AB-8385-4A4F-8F02-D28EFE8C18ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Trek Online\Star Trek Online.exe
FirewallRules: [{65C59F98-92CC-4978-B7E4-43A46904E8A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Trek Online\Star Trek Online.exe
FirewallRules: [{E0B2B928-6DEF-4E39-BEA5-78C909D82340}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{80FDAFF2-C9DD-4634-BA82-F4EEE6DE6F04}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{5E7C042E-129C-4E29-BB78-2451D92CC138}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Setup Helper\VLC Setup Helper.exe
FirewallRules: [{96FFC486-B38C-4BCF-8D51-CBD6DA29738E}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Setup Helper\mDNSResponder.exe
FirewallRules: [{FD9D79D4-8776-43EA-B57E-08C19078A0B9}] => (Allow) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{42841B0E-0A79-4D42-B90E-B391B23CAFCC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{A3A70C76-6F8F-48F9-B093-5DC4C99BA9D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{F8A463EA-5CBD-4B89-A1C1-518D443D5048}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B11A3311-C24C-4ACE-B8DB-33C621E143B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C657521E-2B98-4C9C-85B4-043CF4E702D9}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{AA5D897D-7219-4217-B69E-669FE54F5414}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{11B0A3D9-C24D-403B-B6FF-F7EF0E60D5D9}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{BE9E6E7D-5043-4A4F-8132-C791F76A08AB}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{3C0DCDA9-71D3-42A8-A488-349A20731441}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exe
FirewallRules: [{CB8DD833-FA8F-4797-8DE9-BD40AE93903A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exe
FirewallRules: [{396EDD72-F352-4303-823A-888341986E97}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{E2EC6313-C83A-4107-B79B-F06D0C6BA33D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{17028316-3216-4C27-8ABC-84FCE890C1DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{5788D45C-93F1-42F4-B58B-658A2D8ECE72}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{FF11F5FE-08DB-41C3-BFC1-63B20B867E81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STAR WARS Tie Fighter\remastered\TIE95.EXE
FirewallRules: [{CBEE0F34-44EA-4A51-B223-E236665DE5EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STAR WARS Tie Fighter\remastered\TIE95.EXE
FirewallRules: [{D75BE7BE-4A8F-4F75-AF31-3A0C812B2063}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STAR WARS Tie Fighter\classic\DOSBOX\dosbox.exe
FirewallRules: [{B7FC42A1-9F60-4E99-8B5A-16652C25D823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STAR WARS Tie Fighter\classic\DOSBOX\dosbox.exe
FirewallRules: [{A03288A0-AC1B-4CA0-A645-38CE1F26B1C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars X-Wing Alliance\alliance.exe
FirewallRules: [{F618733D-6648-4665-B415-6C14507FB16C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars X-Wing Alliance\alliance.exe
FirewallRules: [{57DFF842-D21B-4E60-BFDB-3BDC57BC18BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STAR WARS X-Wing\remastered\XWING95.EXE
FirewallRules: [{F62DD689-2B8E-4985-82E0-915BD5B04B88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STAR WARS X-Wing\remastered\XWING95.EXE
FirewallRules: [{71917DA9-1004-447F-9321-957C6D9BD150}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STAR WARS X-Wing\classic\DOSBOX\DOSBox.exe
FirewallRules: [{598DA13A-B8A6-4DC7-AC04-471983CD58D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STAR WARS X-Wing\classic\DOSBOX\DOSBox.exe
FirewallRules: [{5118A2AC-5EFE-416E-A952-3D43FC8E8818}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STAR WARS X-Wing vs TIE Fighter\xwingtie.exe
FirewallRules: [{381C0ADA-7B8B-4C9D-B709-4CD541262C21}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STAR WARS X-Wing vs TIE Fighter\xwingtie.exe
FirewallRules: [{3CB1F1AF-7C9D-4C3A-B00A-43E4CD1EBEFC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Trek Starfleet Academy\sfad3d.exe
FirewallRules: [{F7636670-AF57-40F4-A38F-1BCF228502F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Trek Starfleet Academy\sfad3d.exe
FirewallRules: [{59D4ECD1-A502-4D50-B706-0AE6E77563FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{315B2646-C74A-41EC-9A72-505CCE2CCCB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{64647D92-BFA2-4EBE-BC43-B4D98C2DC712}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Outcast\GameData\jk2sp.exe
FirewallRules: [{B33ADF74-637F-4216-AB49-08A4A95F6D15}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Outcast\GameData\jk2sp.exe
FirewallRules: [{90082BCE-2875-4D7D-8892-D6FB8D522DD8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Outcast\GameData\jk2mp.exe
FirewallRules: [{C1387576-3912-40AD-8314-A2FCF07C227A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Outcast\GameData\jk2mp.exe
FirewallRules: [{6E4D99CE-984D-4D86-9D67-02770106D8C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{697F7471-4B83-4DCF-9216-21248BD1AE4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{2D5FA041-9B76-48CE-ACD4-654D5FBEE90A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Knight Mysteries of the Sith\JKM.EXE
FirewallRules: [{DD114AB3-8430-44EF-9304-DE36A6D99FE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Jedi Knight Mysteries of the Sith\JKM.EXE
FirewallRules: [{06CFD465-14D8-41E4-883E-AD75A83480A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Empire at War\corruption\swfoc.exe
FirewallRules: [{1B2744DE-DCC8-430B-83F1-B8D2F6B049BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Star Wars Empire at War\corruption\swfoc.exe
FirewallRules: [{2B5D0F34-280B-4349-945D-1278C180DB66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Scribblenauts Unmasked\Scribble.exe
FirewallRules: [{7A9C78C1-BFEC-4E05-A469-0F978C50398E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Scribblenauts Unmasked\Scribble.exe
FirewallRules: [{536F3897-6856-40C4-B80A-C1BDD03F5900}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{31BF7367-A0EF-4FD1-81F8-8A1D90543F1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{244C44C7-0F4A-4C11-8B05-25B67CEE0CC5}] => (Allow) C:\Users\Adam\AppData\Local\Temp\7zS4FF3.tmp\SymNRT.exe
FirewallRules: [{E2788DCE-E517-4489-8E71-31AC52524146}] => (Allow) C:\Users\Adam\AppData\Local\Temp\7zS4FF4.tmp\SymNRT.exe
FirewallRules: [{89A5F0E9-A60D-4B5F-B098-7146655B721F}] => (Allow) C:\Users\Adam\AppData\Local\Temp\7zS4FF3.tmp\SymNRT.exe
FirewallRules: [{0B7E1158-341A-4CF1-87AD-BDC6C2C6B82C}] => (Allow) C:\Users\Adam\AppData\Local\Temp\7zS4FF4.tmp\SymNRT.exe
FirewallRules: [TCP Query User{FF350ACA-ED39-452D-A6B8-26E0FC9EA9F2}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [uDP Query User{F9D5D53E-9548-4820-896A-4B611FA9C14B}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [{173C1856-7361-40EA-95FF-BC3A09F9AD49}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tex Murphy 1\dosbox_windows\dosbox.exe
FirewallRules: [{18C067DB-84B4-49FD-B239-3F1E8B4F0D5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tex Murphy 1\dosbox_windows\dosbox.exe
FirewallRules: [TCP Query User{FC3096D2-9823-4365-BAD0-E9AF9587F348}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [uDP Query User{79C3097B-23CA-40A7-A78C-45318DB9CE29}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [{0C4B3E47-58BF-4483-8320-0AB67E633B84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0975A616-1ABC-4103-AC25-A8D3D92E7FC9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0205797A-8067-4729-A821-9E9121B0F352}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{06162AB5-F6B2-42EF-9DBE-33724260379E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EC480A70-56EF-4929-A786-EBFA40CAD8F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4607806F-5332-456C-B148-ADDDD8DA9B45}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2015 10:30:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Amazon Music.exe, version: 3.10.0.0, time stamp: 0x55a89ffb
Faulting module name: Amazon Music.exe, version: 3.10.0.0, time stamp: 0x55a89ffb
Exception code: 0x40000015
Fault offset: 0x0024cc98
Faulting process id: 0x1a34
Faulting application start time: 0xAmazon Music.exe0
Faulting application path: Amazon Music.exe1
Faulting module path: Amazon Music.exe2
Report Id: Amazon Music.exe3

Error: (09/13/2015 04:48:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: N360.exe, version: 13.0.2.6, time stamp: 0x55772924
Faulting module name: ccLib.dll, version: 13.0.2.6, time stamp: 0x55772916
Exception code: 0xc0000005
Fault offset: 0x0003a619
Faulting process id: 0x5ec
Faulting application start time: 0xN360.exe0
Faulting application path: N360.exe1
Faulting module path: N360.exe2
Report Id: N360.exe3

Error: (09/11/2015 07:03:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ExpressTray.exe, version: 4.1.7.0, time stamp: 0x55eefd02
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18939, time stamp: 0x55afd8e7
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0x10d8
Faulting application start time: 0xExpressTray.exe0
Faulting application path: ExpressTray.exe1
Faulting module path: ExpressTray.exe2
Report Id: ExpressTray.exe3

Error: (09/11/2015 07:03:04 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ExpressTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.TypeInitializationException
Stack:
   at Garmin.Omt.Express.TrayApi.TrayCommunicationService..ctor()
   at Garmin.Omt.Express.TrayApplication.App..ctor()
   at Garmin.Omt.Express.TrayApplication.App.Main()

Error: (09/10/2015 07:16:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ExpressTray.exe, version: 4.1.7.0, time stamp: 0x55eefd02
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18939, time stamp: 0x55afd8e7
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0x17b4
Faulting application start time: 0xExpressTray.exe0
Faulting application path: ExpressTray.exe1
Faulting module path: ExpressTray.exe2
Report Id: ExpressTray.exe3

Error: (09/10/2015 07:16:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ExpressTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.TypeInitializationException
Stack:
   at Garmin.Omt.Express.TrayApi.TrayCommunicationService..ctor()
   at Garmin.Omt.Express.TrayApplication.App..ctor()
   at Garmin.Omt.Express.TrayApplication.App.Main()

Error: (09/10/2015 07:15:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ExpressTray.exe, version: 4.1.7.0, time stamp: 0x55eefd02
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18939, time stamp: 0x55afd8e7
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0xc4c
Faulting application start time: 0xExpressTray.exe0
Faulting application path: ExpressTray.exe1
Faulting module path: ExpressTray.exe2
Report Id: ExpressTray.exe3

Error: (09/10/2015 07:15:09 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ExpressTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.TypeInitializationException
Stack:
   at Garmin.Omt.Express.TrayApi.TrayCommunicationService..ctor()
   at Garmin.Omt.Express.TrayApplication.App..ctor()
   at Garmin.Omt.Express.TrayApplication.App.Main()

Error: (09/10/2015 06:46:44 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.CSharp, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070003

Error: (09/10/2015 06:46:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06


System errors:
=============
Error: (09/20/2015 10:43:50 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/20/2015 10:43:49 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/20/2015 10:43:49 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/20/2015 10:43:48 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/20/2015 10:43:48 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/20/2015 09:56:09 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Search service hung on starting.

Error: (09/20/2015 09:50:35 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (09/19/2015 09:28:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (09/19/2015 11:34:03 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/18/2015 06:20:08 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.


==================== Memory info ===========================

Processor: Intel® Pentium® CPU G630 @ 2.70GHz
Percentage of memory in use: 41%
Total physical RAM: 8174.54 MB
Available physical RAM: 4761.33 MB
Total Virtual: 16347.29 MB
Available Virtual: 12742.01 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1385.62 GB) (Free:729.45 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.55 GB) (Free:1.41 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (READYBOOST) (Removable) (Total:7.39 GB) (Free:7.39 GB) FAT32
Drive g: (L3X1-L3X8) (Removable) (Total:14.61 GB) (Free:7.64 GB) FAT32
Drive h: (EXTERNAL SD) (Removable) (Total:58.56 GB) (Free:58.51 GB) exFAT
Drive k: (Seabiscut) (Fixed) (Total:1863.01 GB) (Free:1057.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 11D21EFF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1385.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 14.6 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=14.6 GB) - (Type=0C)

========================================================
Disk: 4 (Size: 58.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

 


Hello,

    

 

They call me TwinHeadedEagle around here, and I'll try to help you with your issue.

 

     

    

Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.
  • Note that we may live in totally different time zones, which may cause some delays between answers.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!

There are no silly questions. Never be afraid to ask if in doubt!

 

 

 

Rules and policies

 

We won't support any piracy.

That being said, if any evidence of illegal OS, software, cracks/keygens or any other is revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

 

Failure to follow these guidelines will result in closing your topic and withdrawing any assistance.

 

 


Are you on Verizon network?


Please re-run Malwarebytes' Anti-Malware.

  • Click the History tab.
  • Click Application Logs and click on the newest Protection Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and attach it in your next reply.

  • 3 weeks later...

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.