Slow Internet Chrome.exe/svchost



#1 skylink_charles


Posted 09 October 2017 - 10:18 AM

Hi, I need help. I'm currently having disconnects on my internet. I observed that chrome.exe is running in my network resource monitor even when Chrome is closed. Also, there's a surge in svchost.exe from time to time.

Log below:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-10-2017
Ran by CJ (administrator) on DESKTOP-6DJTFS0 (10-10-2017 00:11:09)
Running from C:\Users\CJ\Downloads
Loaded Profiles: CJ (Available Profiles: CJ)
Platform: Windows 10 Pro Version 1607 170706-2004 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Viber Media S.à r.l.) C:\Users\CJ\AppData\Local\Viber\Viber.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Mudfish Cloud VPN\mudrun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Mudfish DNS Client\muddnsc.exe
() C:\Program Files (x86)\Mudfish Cloud VPN\mudflow.exe
() C:\Program Files (x86)\Mudfish Cloud VPN\mudfish.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
() C:\Program Files (x86)\Black Desert Online\bin64\BlackDesert64.exe
(Wellbia.com Co., Ltd.) C:\Program Files (x86)\Black Desert Online\bin64\xc\na\2\xcoronahost.xem
(Wellbia.com) C:\Program Files (x86)\Black Desert Online\bin64\xc\na\2\xxd-0.xem
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Coherent Labs) C:\Program Files (x86)\Black Desert Online\bin64\host\CoherentUI_Host.exe
(Coherent Labs) C:\Program Files (x86)\Black Desert Online\bin64\host\CoherentUI_Host.exe
(Coherent Labs) C:\Program Files (x86)\Black Desert Online\bin64\host\CoherentUI_Host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51984 2016-12-17] (Copyright © 2016 Plays.tv, LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074336 2017-10-05] (Valve Corporation)
HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\...\Run: [uTorrent] => C:\Users\CJ\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-07-04] (BitTorrent Inc.)
HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-23] (Disc Soft Ltd)
HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\...\Run: [WallpaperEngine] => "C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe" -silent
HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\...\Run: [Spotify] => C:\Users\CJ\AppData\Roaming\Spotify\Spotify.exe [20803184 2017-10-01] (Spotify Ltd)
HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\...\Run: [Discord] => C:\Users\CJ\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\...\Run: [Mudfish DNS Client] => C:\Program Files (x86)\Mudfish DNS Client\muddnsc.exe [339728 2016-10-17] ()
HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\...\Run: [Viber] => C:\Users\CJ\AppData\Local\Viber\Viber.exe [30800464 2017-09-26] (Viber Media S.à r.l.)
HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25622168 2017-08-31] (Google)
HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\...\Run: [Spotify Web Helper] => C:\Users\CJ\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-10-01] (Spotify Ltd)
HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\...\MountPoints2: {c1957884-9997-11e7-9c8f-408d5ce7f1ad} - "E:\setup.exe" 
GroupPolicy: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 114.108.195.1 114.108.193.201
Tcpip\..\Interfaces\{176cf1bd-e608-41d9-8fd2-0d8616a5ef9a}: [DhcpNameServer] 114.108.195.1 114.108.193.201
Tcpip\..\Interfaces\{42cbef20-1bee-4e12-af23-23548bc926df}: [DhcpNameServer] 114.108.195.1 114.108.193.201
Tcpip\..\Interfaces\{aa7a312b-78fe-4d9b-bc8a-4342e45de8d3}: [DhcpNameServer] 114.108.195.1 114.108.193.201
 
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-28] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-10-01] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-28] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-01] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-10-01] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-01] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\CJ\AppData\Roaming\Mozilla\Firefox\Profiles\4i1byb64.default [2017-10-06]
FF Plugin: @java.com/DTPlugin,version=10.15.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2017-10-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-01] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2017-10-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @zenointel.com/p2p -> C:\Program Files (x86)\IVSWeb\Bin\npzeno.dll [2016-10-21] (zeno)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR NewTab: Default ->  Not-active:"chrome-extension://ekphndofpjddifhmklpfanlhgfabepdd/html/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://www.blpsearch.com/search?sid={SYSID}&aid={APPID}&itype=u&src=ds&p={searchTerms}&tm=0
CHR DefaultSearchKeyword: Default -> Default-Search
CHR Profile: C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default [2017-10-10]
CHR Extension: (Google Docs) - C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-27]
CHR Extension: (Google Drive) - C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-27]
CHR Extension: (YouTube) - C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-27]
CHR Extension: (Google Docs Offline) - C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-27]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-10-02]
CHR Extension: (Hoxx VPN Proxy) - C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2017-08-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-27]
CHR Extension: (Chrome Media Router) - C:\Users\CJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-26]
CHR HKU\S-1-5-21-2908262934-1883109290-1439357133-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1533448 2017-09-14] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761608 2017-09-08] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-23] (Disc Soft Ltd)
S2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] ()
S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [52656 2017-09-27] (AnchorFree Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-08-22] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-08-22] (NVIDIA Corporation)
S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)
S2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-08-22] (NVIDIA Corporation)
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55056 2016-12-17] (Copyright © 2016 Plays.tv, LLC)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-12-17] (Microsoft Corporation)
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S2 AdaptiveSleepService; "C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe" [X]
S2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AFTrafMgr1.3; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_3_64.sys [64912 2017-09-07] (AnchorFree Inc.)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-01-01] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-01-01] (Disc Soft Ltd)
S3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-09] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce1961376673184c\nvlddmkm.sys [15600248 2017-08-23] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-08-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-08-22] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-08-22] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-08] (Razer, Inc.)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [52952 2016-11-26] (SteelSeries ApS)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 xhunter1; C:\WINDOWS\xhunter1.sys [38368 2017-10-09] (Wellbia.com Co., Ltd.)
S3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2016-12-15] (Intel Corporation)
S2 AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-10-10 00:11 - 2017-10-10 00:11 - 000018511 _____ C:\Users\CJ\Downloads\FRST.txt
2017-10-10 00:11 - 2017-10-10 00:11 - 000000000 ____D C:\FRST
2017-10-10 00:09 - 2017-10-10 00:10 - 002401792 _____ (Farbar) C:\Users\CJ\Downloads\FRST64.exe
2017-10-09 23:48 - 2017-10-09 23:48 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-10-09 23:48 - 2017-10-09 23:48 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-09 23:48 - 2017-10-09 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-09 23:48 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-10-09 23:47 - 2017-10-09 23:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-09 23:47 - 2017-10-09 23:47 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-09 23:35 - 2017-10-09 23:40 - 071535032 _____ (Malwarebytes ) C:\Users\CJ\Downloads\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951.exe
2017-10-09 21:17 - 2017-10-09 21:17 - 000001141 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2017-10-09 21:17 - 2017-10-09 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2017-10-09 21:17 - 2017-10-09 21:17 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2017-10-09 20:39 - 2017-10-09 21:15 - 017316208 _____ (AnchorFree Inc.) C:\Users\CJ\Downloads\HotspotShield-7.1.4-14117277.exe
2017-10-08 22:15 - 2017-10-08 22:15 - 000172544 _____ C:\Users\CJ\Downloads\API_SH.XPD.PUBL_DS2_en_excel_v2.xls
2017-10-08 21:07 - 2017-10-08 21:07 - 000050870 _____ C:\Users\CJ\Downloads\medical-kit.psd
2017-10-08 21:07 - 2017-10-08 21:07 - 000004203 _____ C:\Users\CJ\Downloads\medical-kit.eps
2017-10-08 21:06 - 2017-10-08 21:06 - 000002137 _____ C:\Users\CJ\Downloads\medical-kit.svg
2017-10-07 02:46 - 2017-10-07 02:46 - 000000165 ____H C:\Users\CJ\Downloads\~$Marketofy 2.0 - 16x9 - MAIN.pptx
2017-10-07 02:43 - 2017-10-07 02:43 - 000000165 ____H C:\Users\CJ\Downloads\~$Marketofy - 16x9 - Colored Light.pptx
2017-10-07 00:18 - 2017-10-07 00:19 - 000000165 ____H C:\Users\CJ\Downloads\~$Hospitals_10.6.2017.xlsx
2017-10-06 23:27 - 2017-10-09 01:10 - 001786776 _____ C:\Users\CJ\Downloads\Hospitals_10.6.2017.xlsx
2017-10-06 23:27 - 2017-10-06 23:27 - 000230723 _____ C:\Users\CJ\Downloads\Beds ppt_10.6.2017.pptx
2017-10-05 23:13 - 2017-10-05 23:16 - 017316208 _____ (AnchorFree Inc.) C:\Users\CJ\Downloads\HotspotShield-7.1.4-13784716.exe
2017-10-05 23:07 - 2017-10-05 23:07 - 000000000 ____D C:\Users\CJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mudfish Cloud VPN
2017-10-05 23:06 - 2017-10-05 23:06 - 001832496 _____ C:\Users\CJ\Downloads\mudfish-4.4.6-x86_64-win2k-setup.exe
2017-10-03 01:48 - 2017-10-03 01:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-02 22:18 - 2015-10-11 11:52 - 052451274 _____ C:\Users\CJ\Desktop\Marketofy - 16x9 - Colored Light.pptx
2017-10-02 21:25 - 2017-10-03 01:52 - 000255099 _____ C:\Users\CJ\Downloads\Hospitals.xlsx
2017-10-02 21:25 - 2017-10-02 21:25 - 000227451 _____ C:\Users\CJ\Downloads\Beds ppt.pptx
2017-10-02 20:40 - 2017-10-02 20:40 - 000000000 ____D C:\Users\CJ\AppData\Local\Viber
2017-10-02 20:36 - 2017-10-09 01:04 - 002926060 _____ C:\Users\CJ\Downloads\'17 CPA T&D_Hospitals_Part 1 Industry and Regulations+.pptx
2017-10-02 20:36 - 2017-10-02 20:36 - 000151753 _____ C:\Users\CJ\Downloads\implementing_guidelines_0.pdf
2017-10-02 20:36 - 2017-10-02 20:36 - 000002486 _____ C:\Users\CJ\Downloads\Agenda.txt
2017-10-02 00:16 - 2017-10-02 00:16 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2017-10-02 00:16 - 2017-10-02 00:16 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2017-10-02 00:12 - 2017-01-02 17:00 - 010600703 _____ C:\Users\CJ\Downloads\Marketofy 2.0 - 16x9 - MAIN.pptx
2017-10-02 00:06 - 2017-10-09 23:33 - 000000000 ___RD C:\Users\CJ\Google Drive
2017-10-02 00:06 - 2017-10-02 00:06 - 000001757 _____ C:\Users\CJ\Desktop\Google Drive.lnk
2017-10-01 23:54 - 2017-10-01 23:54 - 000279068 _____ C:\Users\CJ\Downloads\hospitals_032015.pdf
2017-10-01 23:35 - 2015-10-11 11:52 - 052451274 _____ C:\Users\CJ\Downloads\Marketofy - 16x9 - Colored Light.pptx
2017-10-01 23:01 - 2017-10-02 00:17 - 000002103 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-10-01 23:01 - 2017-10-02 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-10-01 23:01 - 2017-10-01 23:01 - 000759525 _____ C:\Users\CJ\Downloads\Hospital Training_Part 5_+.pptx
2017-10-01 22:57 - 2017-10-01 22:57 - 001130328 _____ (Google Inc.) C:\Users\CJ\Downloads\googledrivesync.exe
2017-10-01 22:53 - 2017-10-02 01:51 - 000000000 ____D C:\Users\CJ\Desktop\Hospital Training
2017-10-01 22:51 - 2017-10-01 22:51 - 028081172 _____ C:\Users\CJ\Desktop\Industries 2017.rar
2017-10-01 22:22 - 2017-10-01 22:23 - 001206627 _____ C:\Users\CJ\Downloads\CTA_1D_CV_06746_D_2009FEB23_ASS.pdf
2017-10-01 22:02 - 2017-10-01 22:02 - 000096644 _____ C:\Users\CJ\Downloads\hospitals_032015.xlsx
2017-10-01 22:00 - 2017-10-01 22:00 - 000156391 _____ C:\Users\CJ\Downloads\hospitals_122016.xlsx
2017-10-01 21:58 - 2017-10-01 21:58 - 000358158 _____ C:\Users\CJ\Downloads\hospitals_122016.pdf
2017-10-01 18:25 - 2017-10-01 17:12 - 300769661 _____ C:\Users\CJ\Documents\EZ ppt.zip
2017-10-01 17:13 - 2017-01-02 19:01 - 000000000 ____D C:\Users\CJ\Downloads\__MACOSX
2017-10-01 17:13 - 2016-09-12 12:46 - 000000000 ____D C:\Users\CJ\Downloads\Marketofy v2.0 Powerpoint Template
2017-10-01 16:28 - 2017-10-01 17:12 - 300769661 _____ C:\Users\CJ\Downloads\graphicriver-13231486-marketofy-ultimate-powerpoint-template.zip
2017-10-01 16:14 - 2017-10-01 22:30 - 000000000 ____D C:\Users\CJ\Downloads\Hospitals
2017-10-01 16:03 - 2017-10-01 16:03 - 003776597 _____ C:\Users\CJ\Downloads\MPIC 2016 17A - FINAL.pdf
2017-10-01 15:48 - 2017-10-01 16:10 - 009307480 _____ C:\Users\CJ\Downloads\Unconfirmed 71936.crdownload
2017-10-01 15:09 - 2017-10-01 15:42 - 051981638 _____ C:\Users\CJ\Downloads\Unconfirmed 721227.crdownload
2017-10-01 09:26 - 2017-10-01 09:26 - 001120545 _____ C:\Users\CJ\Downloads\Healthcare ph 2015.pdf
2017-10-01 09:26 - 2017-10-01 09:26 - 000998300 _____ C:\Users\CJ\Downloads\Healthcare ph 2016.pdf
2017-10-01 09:23 - 2017-10-01 09:23 - 000783896 _____ C:\Users\CJ\Downloads\study_id44300_the-philippines.pdf
2017-10-01 09:20 - 2017-10-01 09:20 - 002991957 _____ C:\Users\CJ\Downloads\MarketResearch.com_10702756.pdf
2017-10-01 09:09 - 2017-10-01 09:09 - 005303043 _____ C:\Users\CJ\Downloads\Philippines Country Risk Report.pdf
2017-10-01 05:48 - 2017-10-01 05:31 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2017-10-01 05:44 - 2017-10-01 05:47 - 057217088 _____ (Oracle Corporation) C:\Users\CJ\Downloads\jre-8u144-windows-i586.exe
2017-10-01 05:39 - 2017-10-01 05:42 - 063119957 _____ C:\Users\CJ\Downloads\jre-8u144-windows-i586.tar.gz
2017-10-01 05:35 - 2017-10-01 05:35 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-10-01 05:35 - 2017-10-01 05:35 - 000001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-10-01 05:35 - 2017-10-01 05:35 - 000000000 ____D C:\ProgramData\Mozilla
2017-10-01 05:32 - 2017-10-01 05:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-01 05:32 - 2017-10-01 05:05 - 001085344 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2017-10-01 05:32 - 2017-10-01 05:05 - 000963488 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2017-10-01 05:30 - 2017-10-01 05:48 - 000000000 ____D C:\Program Files (x86)\Java
2017-10-01 05:30 - 2017-10-01 05:47 - 000270912 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2017-10-01 05:30 - 2017-10-01 05:47 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-10-01 05:30 - 2017-10-01 05:30 - 000867240 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\npDeployJava1.dll
2017-10-01 05:30 - 2017-10-01 05:30 - 000789416 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\deployJava1.dll
2017-10-01 05:30 - 2017-10-01 05:30 - 000000000 ____D C:\ProgramData\Sun
2017-10-01 05:22 - 2017-10-01 05:25 - 036445280 _____ C:\Users\CJ\Downloads\Firefox Setup 33.0.2.exe
2017-10-01 05:21 - 2017-10-01 05:25 - 031714728 _____ (Oracle Corporation) C:\Users\CJ\Downloads\jre-7u25-windows-i586.exe
2017-10-01 05:10 - 2017-10-01 05:11 - 008624296 _____ (Mozilla) C:\Users\CJ\Downloads\FirefoxSetup3.6.28.exe
2017-10-01 05:05 - 2017-10-01 05:32 - 000000000 ____D C:\Program Files\Java
2017-10-01 05:05 - 2017-10-01 05:31 - 000319552 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2017-10-01 05:05 - 2017-10-01 05:31 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-10-01 05:02 - 2017-10-01 05:02 - 000002710 _____ C:\WINDOWS\mozver.dat
2017-10-01 05:00 - 2017-10-01 05:00 - 004918270 _____ (Mozilla) C:\Users\CJ\Downloads\Firefox Setup 1.0.exe
2017-10-01 04:58 - 2017-10-01 05:01 - 032999840 _____ (Oracle Corporation) C:\Users\CJ\Downloads\jre-7u15-windows-x64.exe
2017-10-01 04:48 - 2017-10-01 04:48 - 000000000 ____D C:\Users\CJ\AppData\LocalLow\Sun
2017-10-01 04:47 - 2017-10-01 05:49 - 000000000 ____D C:\ProgramData\Oracle
2017-10-01 04:47 - 2017-10-01 04:47 - 000000000 ____D C:\Users\CJ\AppData\Roaming\Sun
2017-10-01 04:39 - 2017-10-01 04:43 - 065365056 _____ (Oracle Corporation) C:\Users\CJ\Downloads\jre-8u144-windows-x64.exe
2017-09-30 19:37 - 2017-09-30 19:41 - 070683081 _____ C:\Users\CJ\Downloads\jre-9_windows-x64_bin.tar.gz
2017-09-30 19:16 - 2017-09-30 19:16 - 000245712 _____ (Mozilla) C:\Users\CJ\Downloads\Firefox Installer.exe
2017-09-30 19:07 - 2017-09-30 19:07 - 000000000 ____D C:\Users\CJ\AppData\Local\{3248F0A6-6813-11D6-A77B-00B0D0150050}
2017-09-30 18:45 - 2017-09-30 18:45 - 016433280 _____ (Sun Microsystems, Inc. ) C:\Users\CJ\Downloads\jre_1_5_0_05.exe
2017-09-30 18:04 - 2017-09-30 18:04 - 001418410 _____ C:\Users\CJ\Downloads\Summary of HB No. 5636 and SB No. 1592 (Tax Reform Bill).pdf
2017-09-30 14:26 - 2017-09-30 14:26 - 000027394 _____ C:\Users\CJ\Downloads\2016_Summary of Mt. Grace Hospitals (1).xlsx
2017-09-29 06:28 - 2017-09-29 06:28 - 000465466 _____ C:\Users\CJ\Downloads\ATISCO_8 30 2017_Working Trial Balance.xlsx
2017-09-28 21:41 - 2017-09-28 21:41 - 005024016 _____ C:\Users\CJ\Downloads\2016_HMSI_WTB_7 14 2017_9 18 2017 v3.xlsx
2017-09-26 21:01 - 2017-09-26 23:29 - 000009651 _____ C:\Users\CJ\Downloads\Cash Flow.xlsx
2017-09-24 23:48 - 2017-09-25 01:10 - 000000000 ____D C:\Users\CJ\Desktop\Industries 2017
2017-09-24 23:34 - 2017-09-24 23:34 - 001382389 _____ C:\Users\CJ\Downloads\MLIP2373-0038.pdf
2017-09-23 12:58 - 2017-09-23 12:58 - 002836805 _____ C:\Users\CJ\Downloads\2017_SFCMCI_PFRS Disclosure Checklist.xlsx
2017-09-22 12:27 - 2017-09-22 12:27 - 000468620 _____ C:\Users\CJ\Downloads\YTMI_6 30 2017_Working Trial Balance_edt.xlsx
2017-09-21 23:29 - 2017-10-09 21:17 - 000000000 ____D C:\ProgramData\Hotspot Shield
2017-09-21 22:51 - 2017-09-21 23:00 - 015269888 _____ (AnchorFree Inc.) C:\Users\CJ\Downloads\HotspotShield-7.1.3-12690018.exe
2017-09-20 21:26 - 2017-09-20 21:26 - 000000000 ____D C:\Users\CJ\ansel
2017-09-20 21:25 - 2017-10-09 23:57 - 000038368 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-09-20 21:23 - 2017-09-30 02:44 - 000000000 ____D C:\Users\CJ\Documents\Black Desert
2017-09-20 00:24 - 2017-09-20 00:39 - 002153872 _____ C:\Users\CJ\Downloads\2017_YRC_Presentation_CJP.pptx
2017-09-20 00:15 - 2017-09-20 00:19 - 002118525 _____ C:\Users\CJ\Downloads\2017_YRC_Presentation for CJP 9 20 2017.pptx
2017-09-19 23:38 - 2017-09-19 23:38 - 000011578 _____ C:\Users\CJ\Downloads\Recovery.xlsx
2017-09-19 23:27 - 2017-09-19 23:27 - 000026396 _____ C:\Users\CJ\Downloads\2017_Torres Group_Time Charges.xlsx
2017-09-19 23:27 - 2017-09-19 23:27 - 000014193 _____ C:\Users\CJ\Downloads\2017_Cabrini_Time Charges.xlsx
2017-09-19 23:23 - 2017-09-19 23:23 - 002033199 _____ C:\Users\CJ\Downloads\2017_YRC_Presentation CJP.pptx
2017-09-19 22:14 - 2017-09-19 23:22 - 002033196 _____ C:\Users\CJ\Downloads\2017_YRC_Presentation ttech 2017.pptx
2017-09-18 20:47 - 2017-09-18 20:47 - 000334745 _____ C:\Users\CJ\Downloads\September 18 Managers Meeting_+.pdf
2017-09-18 07:15 - 2017-09-18 07:15 - 000000000 ____D C:\Users\CJ\AppData\Local\TeamViewer
2017-09-18 07:13 - 2017-10-05 22:52 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-09-18 07:13 - 2017-09-18 07:13 - 000001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-18 07:13 - 2017-09-18 07:13 - 000001104 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-09-18 07:13 - 2017-09-18 07:13 - 000000000 ____D C:\Users\CJ\AppData\Roaming\TeamViewer
2017-09-18 07:13 - 2016-11-28 18:55 - 000035112 _____ (TeamViewer GmbH) C:\WINDOWS\system32\Drivers\teamviewervpn.sys
2017-09-18 06:35 - 2017-09-18 06:51 - 015756368 _____ (TeamViewer GmbH) C:\Users\CJ\Downloads\TeamViewer_Setup.exe
2017-09-17 20:40 - 2017-09-17 20:40 - 000000000 ____D C:\Users\CJ\AppData\Local\cache
2017-09-17 20:33 - 2017-09-17 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
2017-09-17 20:30 - 2017-09-17 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-09-17 14:36 - 2017-10-09 23:55 - 000000000 ____D C:\Users\CJ\AppData\Local\BlackDesertOnline
2017-09-17 14:34 - 2017-10-09 23:57 - 000000000 ____D C:\Program Files (x86)\Black Desert Online
2017-09-17 14:34 - 2017-09-17 14:34 - 000002083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Black Desert Online.lnk
2017-09-17 14:34 - 2017-09-17 14:34 - 000002077 _____ C:\Users\Public\Desktop\Black Desert Online.lnk
2017-09-17 14:34 - 2017-09-17 14:34 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-09-17 14:34 - 2017-09-17 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Desert Online
2017-09-17 14:00 - 2017-09-17 14:02 - 051930432 _____ (Kakao Games Europe B.V.) C:\Users\CJ\Downloads\BlackDesertOnlineSetup_20170726_1022.exe
2017-09-17 12:02 - 2017-09-17 12:02 - 000002584 _____ C:\Users\CJ\Desktop\Windows 7 USB DVD Download Tool.lnk
2017-09-17 12:02 - 2017-09-17 12:02 - 000000000 ____D C:\Users\CJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2017-09-17 12:02 - 2017-09-17 12:02 - 000000000 ____D C:\Users\CJ\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2017-09-17 12:01 - 2017-09-17 12:01 - 002721168 _____ (Microsoft Corporation) C:\Users\CJ\Downloads\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe
2017-09-17 11:57 - 2017-09-17 11:58 - 000000000 ___HD C:\$WINDOWS.~BT
2017-09-14 23:00 - 2017-09-14 23:00 - 000214044 _____ C:\Users\CJ\Downloads\Jowel Pelayo.pdf
2017-09-14 06:53 - 2017-09-14 06:53 - 005408934 _____ C:\Users\CJ\Downloads\IFRS 9 Impairment.pptx
2017-09-14 06:10 - 2017-09-14 06:59 - 001969878 _____ C:\Users\CJ\Downloads\2017_YRC_Presentation for CJP.pptx
2017-09-11 23:22 - 2017-09-11 23:22 - 000284224 _____ C:\Users\CJ\Downloads\'17