Messages - skylink_charles

Tech Clinic / Slow Internet Chrome.exe/svchost
« on: October 09, 2017, 11:20:54 AM »
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2017

Ran by CJ (10-10-2017 00:11:54)

Running from C:\\Users\\CJ\\Downloads

Windows 10 Pro Version 1607 170706-2004 (X64) (2016-12-16 01:44:08)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-2908262934-1883109290-1439357133-500 - Administrator - Disabled)

CJ (S-1-5-21-2908262934-1883109290-1439357133-1002 - Administrator - Enabled) => C:\\Users\\CJ

DefaultAccount (S-1-5-21-2908262934-1883109290-1439357133-503 - Limited - Disabled)

Guest (S-1-5-21-2908262934-1883109290-1439357133-501 - Limited - Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with \"Hidden\" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)

Adobe Acrobat Reader DC (HKLM-x32\\...\\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)

Adobe Flash Player 24 PPAPI (HKLM-x32\\...\\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)

AMD OverDrive (HKLM-x32\\...\\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)

AMD Software (HKLM\\...\\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)

Ansel (HKLM\\...\\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden

Apple Application Support (32-bit) (HKLM-x32\\...\\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\\...\\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\\...\\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)

Apple Software Update (HKLM-x32\\...\\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)

Battlefield 4 (HKLM-x32\\...\\{7BA57455-8B68-427C-9BF0-9028F0536514}) (Version: 6.0 - Black Box)

Battlefield 4 Update 2 (HKLM-x32\\...\\QmF0dGxlZmllbGQ0_is1) (Version: 1 - )

Black Desert Online (HKLM-x32\\...\\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.7 - Kakao Games Europe B.V.)

Bonjour (HKLM\\...\\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Call of Duty Advanced Warfare (HKLM-x32\\...\\Call of Duty Advanced Warfare_is1) (Version:  - )

Call of Duty Ghosts (HKLM-x32\\...\\{FE50A7C2-542E-4E8C-9729-72316CFD14EA}) (Version: 6.0 - Black Box)

Call of Duty Modern Warfare Remastered (HKLM-x32\\...\\Call of Duty Modern Warfare Remastered_is1) (Version:  - )

Car Mechanic Simulator 2015 (HKLM\\...\\Steam App 320300) (Version:  - Red Dot Games)

Counter-Strike: Global Offensive (HKLM\\...\\Steam App 730) (Version:  - Valve)

CPUID CPU-Z 1.78 (HKLM\\...\\CPUID CPU-Z_is1) (Version:  - )

CPUID HWMonitor 1.30 (HKLM\\...\\CPUID HWMonitor_is1) (Version:  - )

DAEMON Tools Lite (HKLM\\...\\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd)

Discord (HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Discord) (Version: 0.0.298 - Discord Inc.)

Dota 2 (HKLM\\...\\Steam App 570) (Version:  - Valve)

Dragon Age Inquisition Deluxe Edition version 1.11.0.0 (HKLM-x32\\...\\Dragon Age Inquisition Deluxe Edition_is1) (Version: 1.11.0.0 - Mr DJ)

eBIRForms version v6.2 (HKLM-x32\\...\\eBIRForms_is1) (Version: v6.2 - )

Google Chrome (HKLM-x32\\...\\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)

Google Drive (HKLM-x32\\...\\{F9A2761E-C1E4-4384-92A3-5732C9738327}) (Version: 2.34.6717.9565 - Google, Inc.)

Google Update Helper (HKLM-x32\\...\\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden

GoPro Studio (HKLM-x32\\...\\{BE06FF1A-83A0-42F2-913E-6E405393145C}) (Version: 5.12.5383 - GoPro, Inc.) Hidden

Grand Theft Auto V (HKLM\\...\\Steam App 271590) (Version:  - Rockstar North)

HandBrake 0.9.9.1 (HKLM-x32\\...\\HandBrake) (Version: 0.9.9.1 - )

HD Tune Pro 5.60 (HKLM-x32\\...\\HD Tune Pro_is1) (Version:  - EFD Software)

Hotspot Shield 7.1.4 (HKLM-x32\\...\\{AF599C42-A2E5-4251-B7EE-4925C137ED2E}) (Version: 7.1.4.10763 - AnchorFree Inc.) Hidden

Hotspot Shield 7.1.4 (HKLM-x32\\...\\{eed23a49-c3c8-4c25-9993-2bec2cb583a3}) (Version: 7.1.4.10763 - AnchorFree Inc.)

Hotspot Shield 7.1.4 (HKLM-x32\\...\\HotspotShield) (Version: 7.1.4 - AnchorFree Inc.) Hidden

iTunes (HKLM\\...\\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)

IVSWeb 2.0 (HKLM-x32\\...\\{AE3C0D40-008A-4B54-8A95-794D56B7DBE4}_is1) (Version: 2.0 - )

Java 8 Update 144 (64-bit) (HKLM\\...\\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)

Java 8 Update 144 (HKLM-x32\\...\\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)

Malwarebytes version 3.2.2.2029 (HKLM\\...\\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)

Microsoft Office Professional Plus 2016 - en-us (HKLM\\...\\ProPlusRetail - en-us) (Version: 16.0.8431.2079 - Microsoft Corporation)

Microsoft OneDrive (HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\\...\\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\\...\\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\\...\\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\\...\\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\\...\\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\\...\\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\\...\\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\\...\\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\\...\\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\\...\\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\\...\\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\\...\\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\\...\\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Middle Earth Shadow of Mordor (HKLM-x32\\...\\Middle Earth Shadow of Mordor_is1) (Version: 1.0.4.0 - )

Mozilla Firefox 33.0.2 (x86 en-US) (HKLM-x32\\...\\Mozilla Firefox 33.0.2 (x86 en-US)) (Version: 33.0.2 - Mozilla)

Mozilla Firefox 43.0.1 (x86 en-US) (HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM\\...\\MozillaMaintenanceService) (Version: 56.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\\...\\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)

Mudfish Cloud VPN v4.4.6 (HKLM-x32\\...\\Mudfish Cloud VPN) (Version: 4.4.6 - Mudfish Networks)

Mudfish DNS Client v4.4.3 (HKLM-x32\\...\\Mudfish DNS Client) (Version: 4.4.3 - Mudfish Networks)

NVIDIA 3D Vision Controller Driver 369.04 (HKLM\\...\\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)

NVIDIA GeForce Experience 3.9.0.61 (HKLM\\...\\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)

NVIDIA Graphics Driver 385.41 (HKLM\\...\\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.34.27 (HKLM\\...\\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.17.0524 (HKLM\\...\\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)

OBS Studio (HKLM-x32\\...\\OBS Studio) (Version: 20.0.1 - OBS Project)

Office 16 Click-to-Run Extensibility Component (HKLM-x32\\...\\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\\...\\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\\...\\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32\\...\\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden

OpenAL (HKLM-x32\\...\\OpenAL) (Version:  - )

PLAYERUNKNOWN\'S BATTLEGROUNDS (HKLM\\...\\Steam App 578080) (Version:  - Bluehole, Inc.)

PlaysTV (HKLM-x32\\...\\PlaysTV) (Version: 1.17.5-r119091-release - Plays.tv, LLC)

Quik (HKLM\\...\\{DF7EE9CB-0369-44F3-9B91-BF05A2D4891D}) (Version: 0.1.5383 - GoPro, Inc.) Hidden

Quik (HKLM-x32\\...\\{b15a4fb5-7637-45ca-b230-33d94af786a7}) (Version: 2.3.0.5383 - GoPro, Inc.)

rFactor (remove only) (HKLM-x32\\...\\rFactor) (Version:  - )

Rockstar Games Social Club (HKLM-x32\\...\\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)

Simply Chess (HKLM\\...\\Steam App 312280) (Version:  - BlueLine Games)

Skype™ 7.33 (HKLM-x32\\...\\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)

Spotify (HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Spotify) (Version: 1.0.64.399.g4637b02a - Spotify AB)

Steam (HKLM-x32\\...\\Steam) (Version: 2.10.91.91 - Valve Corporation)

TeamViewer 12 (HKLM-x32\\...\\TeamViewer) (Version: 12.0.83369 - TeamViewer)

The Witcher 3 / RePack by Baracuda (HKLM-x32\\...\\The Witcher 3_is1) (Version: 1.04 - )

UDPixel.exe (HKLM-x32\\...\\UDPixel) (Version:  - )

VFW_Codec32 (HKLM-x32\\...\\{ECDB3455-70F4-4EE6-B89E-3B4C5E9FF592}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden

VFW_Codec64 (HKLM\\...\\{AE4073DE-7596-4E3B-9DE3-18BE2C3EFAA6}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden

Viber (HKLM-x32\\...\\{1136C29D-BAFD-4D56-9594-DF24428B85EE}) (Version: 6.9.1.77 - Viber Media Inc.) Hidden

Viber (HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\{540ddbf9-bade-4135-83db-44b68bb66bd9}) (Version: 6.9.1.77 - Viber Media Inc.)

VLC media player (HKLM-x32\\...\\VLC media player) (Version: 2.2.4 - VideoLAN)

Vulkan Run Time Libraries 1.0.51.0 (HKLM\\...\\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)

Windows 10 Update and Privacy Settings (HKLM\\...\\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)

Windows 7 USB/DVD Download Tool (HKLM-x32\\...\\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)

WinRAR 5.40 (64-bit) (HKLM\\...\\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

XSplit Gamecaster (HKLM-x32\\...\\{D89E82A2-BEB3-4AEE-B0DF-2A482EED6715}) (Version: 3.0.1705.3131 - SplitmediaLabs)

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\\Program Files (x86)\\Google\\Drive\\googledrivesync64.dll [2017-08-31] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\\Program Files (x86)\\Google\\Drive\\googledrivesync64.dll [2017-08-31] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\\Program Files (x86)\\Google\\Drive\\googledrivesync64.dll [2017-08-31] (Google)

ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\\Program Files (x86)\\Google\\Drive\\contextmenu64.dll [2017-08-31] (Google)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\\Program Files\\WinRAR\\rarext.dll [2016-08-15] (Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\\Program Files\\WinRAR\\rarext32.dll [2016-08-15] (Alexander Roshal)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\\Program Files\\Malwarebytes\\Anti-Malware\\mbshlext.dll [2017-08-30] (Malwarebytes)

ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\\Program Files (x86)\\Google\\Drive\\contextmenu64.dll [2017-08-31] (Google)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\\WINDOWS\\system32\\nvshext.dll [2017-08-22] (NVIDIA Corporation)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\\Program Files\\Malwarebytes\\Anti-Malware\\mbshlext.dll [2017-08-30] (Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\\Program Files\\WinRAR\\rarext.dll [2016-08-15] (Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\\Program Files\\WinRAR\\rarext32.dll [2016-08-15] (Alexander Roshal)

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {06DB2FBC-DC15-401B-8DEB-2B73A9C8097A} - System32\\Tasks\\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\\Program Files\\NVIDIA Corporation\\Update Core\\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)

Task: {3F662A94-91DC-46E4-90A9-C777372B1751} - System32\\Tasks\\GoogleUpdateTaskMachineCore => C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe [2016-11-27] (Google Inc.)

Task: {4A3B1C1D-C532-4A6D-B94F-EE0BDFF30806} - System32\\Tasks\\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\\Program Files\\NVIDIA Corporation\\Update Core\\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)

Task: {5E55CD14-4B74-4490-8A48-5D8332BA5128} - System32\\Tasks\\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)

Task: {6A70DCA6-F808-4049-B4D2-02506355532F} - System32\\Tasks\\Microsoft\\Office\\OfficeTelemetryAgentFallBack2016 => C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\msoia.exe [2017-09-28] (Microsoft Corporation)

Task: {85ED2BAE-E70C-496D-BF7A-FEE3B1616FB9} - System32\\Tasks\\Microsoft\\Office\\Office ClickToRun Service Monitor => C:\\Program Files\\Common Files\\Microsoft Shared\\ClickToRun\\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)

Task: {8CC4AAF8-F247-4D88-9E3B-F48A0252B889} - System32\\Tasks\\StartCN => C:\\Program Files\\AMD\\CNext\\CNext\\cncmd.exe

Task: {8E4F6A4D-49CC-4895-8A73-BC6884F6C7B1} - System32\\Tasks\\GoogleUpdateTaskMachineUA => C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe [2016-11-27] (Google Inc.)

Task: {B8A7DBE7-F518-4435-97E6-1AFD770B2314} - System32\\Tasks\\Microsoft\\Office\\OfficeBackgroundTaskHandlerLogon => C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\officebackgroundtaskhandler.exe [2017-09-28] ()

Task: {BED759C9-869D-4B8F-B2A7-248AF4D85F25} - System32\\Tasks\\Microsoft\\Office\\Office Automatic Updates => C:\\Program Files\\Common Files\\Microsoft Shared\\ClickToRun\\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)

Task: {C3C56CAE-6BA8-45BB-9355-25D11A0A169F} - System32\\Tasks\\Microsoft\\Office\\OfficeBackgroundTaskHandlerRegistration => C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\officebackgroundtaskhandler.exe [2017-09-28] ()

Task: {CCAEF4AE-083A-48DE-98F0-5CAB4D5FF8D9} - System32\\Tasks\\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\\Program Files (x86)\\NVIDIA Corporation\\NVIDIA GeForce Experience\\NVIDIA GeForce Experience.exe [2017-08-22] (NVIDIA Corporation)

Task: {D591472C-CF14-4F87-A535-59BAF5C27619} - System32\\Tasks\\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvTmMon.exe [2017-08-22] (NVIDIA Corporation)

Task: {D7925650-146A-401F-9313-C7C4C1A7871E} - System32\\Tasks\\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)

Task: {E7BB8772-244D-4AC2-92E7-B38FE91462C3} - System32\\Tasks\\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\\Program Files (x86)\\NVIDIA Corporation\\NvNode\\nvnodejslauncher.exe [2017-08-22] (NVIDIA Corporation)

Task: {EA146B5B-32A1-4F29-AB43-A447F6E13FDF} - System32\\Tasks\\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\\Program Files\\NVIDIA Corporation\\NvContainer\\nvcontainer.exe [2017-08-22] (NVIDIA Corporation)

Task: {EEF73CCA-5ACF-4BA8-819B-7A6D40D18FAF} - System32\\Tasks\\Microsoft\\Office\\OfficeTelemetryAgentLogOn2016 => C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\msoia.exe [2017-09-28] (Microsoft Corporation)

Task: {FE1F2651-23B9-4490-AA3A-CAE4BA7DF305} - System32\\Tasks\\Adobe Acrobat Update Task => C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe [2017-07-20] (Adobe Systems Incorporated)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\\WINDOWS\\Tasks\\CreateExplorerShellUnelevatedTask.job => C:\\WINDOWS\\explorer.exe

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

 

==================== Loaded Modules (Whitelisted) ==============

 

2016-07-16 19:42 - 2016-07-16 19:42 - 000231424 _____ () C:\\WINDOWS\\SYSTEM32\\ism32k.dll

2017-07-12 20:28 - 2017-06-21 15:48 - 002681200 _____ () C:\\WINDOWS\\system32\\CoreUIComponents.dll

2017-09-18 07:13 - 2017-08-29 13:30 - 000020208 _____ () C:\\WINDOWS\\system32\\spool\\PRTPROCS\\x64\\TeamViewer_PrintProcessor.dll

2016-11-27 03:00 - 2017-09-28 22:27 - 008929480 _____ () C:\\Program Files (x86)\\Microsoft Office\\root\\VFS\\ProgramFilesX64\\Microsoft Office\\Office16\\1033\\GrooveIntlResource.dll

2016-12-17 01:19 - 2016-12-17 01:19 - 000134656 _____ () C:\\Windows\\ShellExperiences\\Windows.UI.Shell.SharedUtilities.dll

2017-03-15 19:43 - 2017-03-04 14:31 - 000474112 _____ () C:\\Windows\\ShellExperiences\\QuickActions.dll

2017-03-15 19:44 - 2017-03-04 14:12 - 009760768 _____ () C:\\Windows\\SystemApps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\CortanaApi.dll

2017-03-15 19:44 - 2017-03-04 14:05 - 001401856 _____ () C:\\Windows\\SystemApps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\Cortana.Core.dll

2017-03-15 19:44 - 2017-03-04 14:05 - 000757248 _____ () C:\\Windows\\SystemApps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\CSGSuggestLib.dll

2017-07-12 20:28 - 2017-06-21 14:36 - 001033216 _____ () C:\\Windows\\SystemApps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\Cortana.Actions.dll

2017-07-12 20:28 - 2017-06-21 14:35 - 002424320 _____ () C:\\Windows\\SystemApps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\Cortana.BackgroundTask.dll

2017-07-12 20:28 - 2017-06-21 14:37 - 004853760 _____ () C:\\Windows\\SystemApps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\RemindersUI.dll

2017-09-26 08:39 - 2017-09-21 15:29 - 004022616 _____ () C:\\Program Files (x86)\\Google\\Chrome\\Application\\61.0.3163.100\\libglesv2.dll

2017-09-26 08:39 - 2017-09-21 15:29 - 000100184 _____ () C:\\Program Files (x86)\\Google\\Chrome\\Application\\61.0.3163.100\\libegl.dll

2017-07-17 18:45 - 2017-07-17 18:46 - 000074752 _____ () C:\\Program Files\\WindowsApps\\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\\SkypeHost.exe

2017-07-17 18:45 - 2017-07-17 18:46 - 000203264 _____ () C:\\Program Files\\WindowsApps\\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\\SkypeBackgroundTasks.dll

2017-07-17 18:45 - 2017-07-17 18:46 - 043573248 _____ () C:\\Program Files\\WindowsApps\\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\\SkyWrap.dll

2017-07-17 18:45 - 2017-07-17 18:46 - 002435584 _____ () C:\\Program Files\\WindowsApps\\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\\skypert.dll

2017-09-28 20:54 - 2017-09-28 20:54 - 001265936 _____ () C:\\Program Files (x86)\\Mudfish Cloud VPN\\mudrun.exe

2016-10-17 10:13 - 2016-10-17 10:13 - 000339728 _____ () C:\\Program Files (x86)\\Mudfish DNS Client\\muddnsc.exe

2017-09-28 20:54 - 2017-09-28 20:54 - 000301328 _____ () C:\\Program Files (x86)\\Mudfish Cloud VPN\\mudflow.exe

2017-09-28 20:54 - 2017-09-28 20:54 - 001223952 _____ () C:\\Program Files (x86)\\Mudfish Cloud VPN\\mudfish.exe

2017-10-09 23:48 - 2017-10-04 13:15 - 002289096 _____ () C:\\PROGRAM FILES\\MALWAREBYTES\\ANTI-MALWARE\\SelfProtectionSdk.dll

2016-11-27 03:40 - 2017-08-05 05:19 - 000678176 _____ () C:\\Program Files (x86)\\Steam\\SDL2.dll

2016-11-27 03:40 - 2016-09-01 09:02 - 004969248 _____ () C:\\Program Files (x86)\\Steam\\v8.dll

2016-11-27 03:40 - 2017-10-05 07:49 - 002507552 _____ () C:\\Program Files (x86)\\Steam\\video.dll

2016-11-27 03:40 - 2016-01-27 15:49 - 002549760 _____ () C:\\Program Files (x86)\\Steam\\libavcodec-56.dll

2016-11-27 03:40 - 2016-01-27 15:49 - 000491008 _____ () C:\\Program Files (x86)\\Steam\\libavformat-56.dll

2016-11-27 03:40 - 2016-01-27 15:49 - 000332800 _____ () C:\\Program Files (x86)\\Steam\\libavresample-2.dll

2016-11-27 03:40 - 2016-01-27 15:49 - 000442880 _____ () C:\\Program Files (x86)\\Steam\\libavutil-54.dll

2016-11-27 03:40 - 2016-01-27 15:49 - 000485888 _____ () C:\\Program Files (x86)\\Steam\\libswscale-3.dll

2016-11-27 03:40 - 2016-09-01 09:02 - 001563936 _____ () C:\\Program Files (x86)\\Steam\\icui18n.dll

2016-11-27 03:40 - 2016-09-01 09:02 - 001195296 _____ () C:\\Program Files (x86)\\Steam\\icuuc.dll

2016-11-27 03:40 - 2017-10-05 07:49 - 000885024 _____ () C:\\Program Files (x86)\\Steam\\bin\\chromehtml.DLL

2017-10-02 20:40 - 2017-09-26 19:44 - 000041040 _____ () C:\\Users\\CJ\\AppData\\Local\\Viber\\qrencode.dll

2017-10-02 20:40 - 2017-09-26 19:45 - 000391760 _____ () C:\\Users\\CJ\\AppData\\Local\\Viber\\imageformats\\qsvg.dll

2016-12-13 09:44 - 2017-07-18 06:50 - 073115424 _____ () C:\\Program Files (x86)\\Steam\\bin\\cef\\cef.win7\\libcef.dll

2017-06-09 11:19 - 2017-05-17 09:54 - 000678176 _____ () C:\\Program Files (x86)\\Steam\\bin\\cef\\cef.win7\\SDL2.dll

2017-09-17 21:42 - 2017-09-17 21:42 - 000884736 _____ () C:\\Program Files (x86)\\Black Desert Online\\bin64\\host\\libglesv2.dll

2017-09-17 21:42 - 2017-09-17 21:42 - 000104448 _____ () C:\\Program Files (x86)\\Black Desert Online\\bin64\\host\\libegl.dll

2017-09-17 21:41 - 2017-09-17 21:41 - 000862208 _____ () C:\\Program Files (x86)\\Black Desert Online\\bin64\\host\\ffmpegsumo.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The \"AlternateShell\" will be restored.)

 

HKLM\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\MBAMService => \"\"=\"Service\"

HKLM\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network\\MBAMService => \"\"=\"Service\"

 

==================== Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2015-07-10 19:04 - 2015-07-10 19:02 - 000000824 _____ C:\\WINDOWS\\system32\\Drivers\\etc\\hosts

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\Control Panel\\Desktop\\\\Wallpaper -> C:\\Windows\\web\\wallpaper\\Windows\\img0.jpg

DNS Servers: 114.108.195.1 - 114.108.193.201

HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer => (SmartScreenEnabled: Off)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

HKLM\\...\\StartupApproved\\Run: => \"GoPro Tray App\"

HKLM\\...\\StartupApproved\\Run: => \"iTunesHelper\"

HKLM\\...\\StartupApproved\\Run32: => \"PlaysTV\"

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\StartupApproved\\Run: => \"uTorrent\"

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\StartupApproved\\Run: => \"DAEMON Tools Lite Automount\"

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\StartupApproved\\Run: => \"OneDrive\"

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\StartupApproved\\Run: => \"Skype\"

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\StartupApproved\\Run: => \"Spotify\"

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\StartupApproved\\Run: => \"Spotify Web Helper\"

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\StartupApproved\\Run: => \"SUPERAntiSpyware\"

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\StartupApproved\\Run: => \"WallpaperEngine\"

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{8F054BFA-E763-4B3B-8635-E2BD1B7A7B5E}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win64\\dota2.exe

FirewallRules: [{3E19FFDA-960B-4209-BA9A-F63AFD39B2F4}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win64\\dota2.exe

FirewallRules: [{63E48674-ABE8-4ED4-BD82-01E89A89E039}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win64\\dota2.exe

FirewallRules: [{94CDC83E-4AE1-4752-B7C9-C1D94F47A993}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win64\\dota2.exe

FirewallRules: [{D0C55812-9B9D-459E-A7C1-F74CCA6ECBF6}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win64\\dota2.exe

FirewallRules: [{C4F9435E-F77A-43E1-A0D2-4E46BFEF7669}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win64\\dota2.exe

FirewallRules: [{290BD634-39C7-454A-92FF-B8454DB0DB53}] => (Allow) C:\\Program Files (x86)\\Steam\\bin\\cef\\cef.win7\\steamwebhelper.exe

FirewallRules: [{12D79481-83CA-496C-859B-817B5717D608}] => (Allow) C:\\Program Files (x86)\\Steam\\bin\\cef\\cef.win7\\steamwebhelper.exe

FirewallRules: [{EA939C4E-17FA-4D46-8EC1-431F11EFC23E}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Counter-Strike Global Offensive\\csgo.exe

FirewallRules: [{413ADD52-7EE6-472B-9837-026F00F3C919}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\Counter-Strike Global Offensive\\csgo.exe

FirewallRules: [{144F3F36-43C9-465D-9E1C-5DF5B55ED4EB}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win64\\dota2.exe

FirewallRules: [{81334BA9-BE64-4BAD-B143-57A10078184F}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win64\\dota2.exe

FirewallRules: [{7E29AC57-F2C7-4090-B2ED-F94BABB56225}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win64\\dota2.exe

FirewallRules: [{FBFF4E7D-229C-47DD-A450-9F77FA273FF8}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win64\\dota2.exe

FirewallRules: [{B1E0E2AF-AB7E-49CE-9A7A-FEF2DFC13A52}] => (Allow) C:\\Program Files (x86)\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win64\\dota2.exe


2
Tech Clinic / Slow Internet Chrome.exe/svchost
« on: October 09, 2017, 11:18:33 AM »
Hi, need help. I'm currently having disconnects on my internet. I observed that chrome.exe is running in my network resource monitor even if Chrome is closed. Also, there's a surge in svchost.exe from time to time.

Log below:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-10-2017

Ran by CJ (administrator) on DESKTOP-6DJTFS0 (10-10-2017 00:11:09)

Running from C:\\Users\\CJ\\Downloads

Loaded Profiles: CJ (Available Profiles: CJ)

Platform: Windows 10 Pro Version 1607 170706-2004 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Microsoft Corporation) C:\\Program Files\\Common Files\\microsoft shared\\ClickToRun\\OfficeClickToRun.exe

(Valve Corporation) C:\\Program Files (x86)\\Steam\\Steam.exe

(Viber Media S.à r.l.) C:\\Users\\CJ\\AppData\\Local\\Viber\\Viber.exe

(Oracle Corporation) C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

() C:\\Program Files\\WindowsApps\\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\\SkypeHost.exe

(Microsoft Corporation) C:\\Windows\\System32\\dllhost.exe

() C:\\Program Files (x86)\\Mudfish Cloud VPN\\mudrun.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

() C:\\Program Files (x86)\\Mudfish DNS Client\\muddnsc.exe

() C:\\Program Files (x86)\\Mudfish Cloud VPN\\mudflow.exe

() C:\\Program Files (x86)\\Mudfish Cloud VPN\\mudfish.exe

(Malwarebytes) C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe

(Malwarebytes) C:\\Program Files\\Malwarebytes\\Anti-Malware\\mbamtray.exe

(Valve Corporation) C:\\Program Files (x86)\\Steam\\bin\\cef\\cef.win7\\steamwebhelper.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Microsoft® Windows® Operating System) C:\\Windows\\System32\\Taskmgr.exe

() C:\\Program Files (x86)\\Black Desert Online\\bin64\\BlackDesert64.exe

(Wellbia.com Co., Ltd.) C:\\Program Files (x86)\\Black Desert Online\\bin64\\xc\\na\\2\\xcoronahost.xem

(Wellbia.com) C:\\Program Files (x86)\\Black Desert Online\\bin64\\xc\\na\\2\\xxd-0.xem

(Microsoft Corporation) C:\\Windows\\System32\\GameBarPresenceWriter.exe

(Microsoft Corporation) C:\\Windows\\System32\\perfmon.exe

(Coherent Labs) C:\\Program Files (x86)\\Black Desert Online\\bin64\\host\\CoherentUI_Host.exe

(Coherent Labs) C:\\Program Files (x86)\\Black Desert Online\\bin64\\host\\CoherentUI_Host.exe

(Coherent Labs) C:\\Program Files (x86)\\Black Desert Online\\bin64\\host\\CoherentUI_Host.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Microsoft Corporation) C:\\Windows\\System32\\cmd.exe

(Microsoft Corporation) C:\\Windows\\System32\\perfmon.exe

(Microsoft Corporation) C:\\Windows\\System32\\SnippingTool.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

(Google Inc.) C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\\...\\Run: [GoPro Tray App] => C:\\Program Files\\GoPro\\GoPro Desktop App\\GoProDesktopSystemTray.exe [866224 2017-03-16] ()

HKLM\\...\\Run: [iTunesHelper] => C:\\Program Files\\iTunes\\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)

HKLM\\...\\Run: [ShadowPlay] => \"C:\\WINDOWS\\system32\\rundll32.exe\" C:\\WINDOWS\\system32\\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM-x32\\...\\Run: [PlaysTV] => C:\\Program Files (x86)\\Raptr Inc\\PlaysTV\\playstv_launcher.exe [51984 2016-12-17] (Copyright (c) 2016 Plays.tv, LLC)

HKLM-x32\\...\\Run: [SunJavaUpdateSched] => C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe [587288 2017-07-21] (Oracle Corporation)

HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows Defender: Restriction <==== ATTENTION

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Run: [Steam] => C:\\Program Files (x86)\\Steam\\steam.exe [3074336 2017-10-05] (Valve Corporation)

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Run: [uTorrent] => C:\\Users\\CJ\\AppData\\Roaming\\uTorrent\\uTorrent.exe [2146496 2017-07-04] (BitTorrent Inc.)

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Run: [DAEMON Tools Lite Automount] => C:\\Program Files\\DAEMON Tools Lite\\DTAgent.exe [4701888 2016-12-23] (Disc Soft Ltd)

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Run: [WallpaperEngine] => \"C:\\Program Files (x86)\\Steam\\steamapps\\common\\wallpaper_engine\\wallpaper64.exe\" -silent

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Run: [Skype] => C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Run: [Spotify] => C:\\Users\\CJ\\AppData\\Roaming\\Spotify\\Spotify.exe [20803184 2017-10-01] (Spotify Ltd)

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Run: [Discord] => C:\\Users\\CJ\\AppData\\Local\\Discord\\app-0.0.298\\Discord.exe [57477112 2017-08-08] (Discord Inc.)

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Run: [Mudfish DNS Client] => C:\\Program Files (x86)\\Mudfish DNS Client\\muddnsc.exe [339728 2016-10-17] ()

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Run: [Viber] => C:\\Users\\CJ\\AppData\\Local\\Viber\\Viber.exe [30800464 2017-09-26] (Viber Media S.à r.l.)

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Run: [GoogleDriveSync] => C:\\Program Files (x86)\\Google\\Drive\\googledrivesync.exe [25622168 2017-08-31] (Google)

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\Run: [Spotify Web Helper] => C:\\Users\\CJ\\AppData\\Roaming\\Spotify\\SpotifyWebHelper.exe [777840 2017-10-01] (Spotify Ltd)

HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\...\\MountPoints2: {c1957884-9997-11e7-9c8f-408d5ce7f1ad} - \"E:\\setup.exe\" 

GroupPolicy: Restriction <==== ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Tcpip\\Parameters: [DhcpNameServer] 114.108.195.1 114.108.193.201

Tcpip\\..\\Interfaces\\{176cf1bd-e608-41d9-8fd2-0d8616a5ef9a}: [DhcpNameServer] 114.108.195.1 114.108.193.201

Tcpip\\..\\Interfaces\\{42cbef20-1bee-4e12-af23-23548bc926df}: [DhcpNameServer] 114.108.195.1 114.108.193.201

Tcpip\\..\\Interfaces\\{aa7a312b-78fe-4d9b-bc8a-4342e45de8d3}: [DhcpNameServer] 114.108.195.1 114.108.193.201

 

Internet Explorer:

==================

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\\Program Files (x86)\\Microsoft Office\\root\\VFS\\ProgramFilesX64\\Microsoft Office\\Office16\\OCHelper.dll [2017-09-28] (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\\Program Files\\Java\\jre1.8.0_144\\bin\\ssv.dll [2017-10-01] (Oracle Corporation)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\\Program Files (x86)\\Microsoft Office\\root\\VFS\\ProgramFilesX64\\Microsoft Office\\Office16\\GROOVEEX.DLL [2017-09-28] (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\\Program Files\\Java\\jre1.8.0_144\\bin\\jp2ssv.dll [2017-10-01] (Oracle Corporation)

BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\OCHelper.dll [2017-09-28] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\\Program Files (x86)\\Java\\jre1.8.0_144\\bin\\ssv.dll [2017-10-01] (Oracle Corporation)

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\GROOVEEX.DLL [2017-09-28] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\\Program Files (x86)\\Java\\jre1.8.0_144\\bin\\jp2ssv.dll [2017-10-01] (Oracle Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\MSOSB.DLL [2017-09-28] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\MSOSB.DLL [2017-09-28] (Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\MSOSB.DLL [2017-09-28] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\MSOSB.DLL [2017-09-28] (Microsoft Corporation)

 

FireFox:

========

FF ProfilePath: C:\\Users\\CJ\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\4i1byb64.default [2017-10-06]

FF Plugin: @java.com/DTPlugin,version=10.15.2 -> C:\\WINDOWS\\system32\\npDeployJava1.dll [2017-10-01] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\\Program Files\\Java\\jre1.8.0_144\\bin\\plugin2\\npjp2.dll [2017-10-01] (Oracle Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\\WINDOWS\\SysWOW64\\npDeployJava1.dll [2017-10-01] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\\Program Files (x86)\\Java\\jre1.8.0_144\\bin\\plugin2\\npjp2.dll [2017-10-01] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\\Program Files (x86)\\Microsoft Office\\root\\VFS\\ProgramFilesX86\\Mozilla Firefox\\plugins\\npmeetingjoinpluginoc.dll [2017-09-28] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\NPSPWRAP.DLL [2017-09-28] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\\Program Files (x86)\\Google\\Update\\1.3.33.5\\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\\Program Files (x86)\\Google\\Update\\1.3.33.5\\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll [2016-06-01] (VideoLAN)

FF Plugin-x32: @zenointel.com/p2p -> C:\\Program Files (x86)\\IVSWeb\\Bin\\npzeno.dll [2016-10-21] (zeno)

FF Plugin-x32: Adobe Reader -> C:\\Program Files (x86)\\Adobe\\Acrobat Reader DC\\Reader\\AIR\\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

 

Chrome: 

=======

CHR NewTab: Default ->  Not-active:\"chrome-extension://ekphndofpjddifhmklpfanlhgfabepdd/html/newtab.html\"

CHR DefaultSearchURL: Default -> hxxp://www.blpsearch.com/search?sid={SYSID}&aid={APPID}&itype=u&src=ds&p={searchTerms}&tm=0

CHR DefaultSearchKeyword: Default -> Default-Search

CHR Profile: C:\\Users\\CJ\\AppData\\Local\\Google\\Chrome\\User Data\\Default [2017-10-10]

CHR Extension: (Google Docs) - C:\\Users\\CJ\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\aohghmighlieiainnegkcijnfilokake [2016-11-27]

CHR Extension: (Google Drive) - C:\\Users\\CJ\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\apdfllckaahabafndbhieahigkjlhalf [2016-11-27]

CHR Extension: (YouTube) - C:\\Users\\CJ\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-27]

CHR Extension: (Google Docs Offline) - C:\\Users\\CJ\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-27]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\\Users\\CJ\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-10-02]

CHR Extension: (Hoxx VPN Proxy) - C:\\Users\\CJ\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\nbcojefnccbanplpoffopkoepjmhgdgh [2017-08-27]

CHR Extension: (Chrome Web Store Payments) - C:\\Users\\CJ\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]

CHR Extension: (Gmail) - C:\\Users\\CJ\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-27]

CHR Extension: (Chrome Media Router) - C:\\Users\\CJ\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-26]

CHR HKU\\S-1-5-21-2908262934-1883109290-1439357133-1002\\SOFTWARE\\Google\\Chrome\\Extensions\\...\\Chrome\\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

 

==================== Services (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S2 Apple Mobile Device Service; C:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)

S3 BEService; C:\\Program Files (x86)\\Common Files\\BattlEye\\BEService.exe [1533448 2017-09-14] ()

R2 ClickToRunSvc; C:\\Program Files\\Common Files\\Microsoft Shared\\ClickToRun\\OfficeClickToRun.exe [7761608 2017-09-08] (Microsoft Corporation)

S3 Disc Soft Lite Bus Service; C:\\Program Files\\DAEMON Tools Lite\\DiscSoftBusServiceLite.exe [1471168 2016-12-23] (Disc Soft Ltd)

S2 GoProDeviceDetectionService; C:\\Program Files\\GoPro\\GoPro Desktop App\\GoProDeviceDetection.exe [37808 2017-03-16] ()

S2 hshld; C:\\Program Files (x86)\\Hotspot Shield\\bin\\cmw_srv.exe [52656 2017-09-27] (AnchorFree Inc.)

R2 MBAMService; C:\\Program Files\\Malwarebytes\\Anti-Malware\\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)

S2 NvContainerLocalSystem; C:\\Program Files\\NVIDIA Corporation\\NvContainer\\nvcontainer.exe [513144 2017-08-22] (NVIDIA Corporation)

S3 NvContainerNetworkService; C:\\Program Files\\NVIDIA Corporation\\NvContainer\\nvcontainer.exe [513144 2017-08-22] (NVIDIA Corporation)

S2 NVDisplay.ContainerLocalSystem; C:\\Program Files\\NVIDIA Corporation\\Display.NvContainer\\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)

S2 NvTelemetryContainer; C:\\Program Files (x86)\\NVIDIA Corporation\\NvTelemetry\\NvTelemetryContainer.exe [450168 2017-08-22] (NVIDIA Corporation)

S2 PlaysService; C:\\Program Files (x86)\\Raptr Inc\\PlaysTV\\plays_service.exe [55056 2016-12-17] (Copyright (c) 2016 Plays.tv, LLC)

S2 Razer Game Scanner Service; C:\\Program Files (x86)\\Razer\\Razer Services\\GSS\\GameScannerService.exe [189264 2016-09-25] ()

S3 Sense; C:\\Program Files\\Windows Defender Advanced Threat Protection\\MsSense.exe [2889896 2016-12-17] (Microsoft Corporation)

S2 TeamViewer; C:\\Program Files (x86)\\TeamViewer\\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)

S3 WdNisSvc; C:\\Program Files\\Windows Defender\\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)

S3 WinDefend; C:\\Program Files\\Windows Defender\\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

S2 AdaptiveSleepService; \"C:\\Program Files\\ATI Technologies\\ATI.ACE\\A4\\AdaptiveSleepService.exe\" [X]

S2 ibtsiva; %SystemRoot%\\system32\\ibtsiva [X]

 

===================== Drivers (Whitelisted) ======================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AFTrafMgr1.3; C:\\Program Files (x86)\\Hotspot Shield\\bin\\TrafMgr_1_3_64.sys [64912 2017-09-07] (AnchorFree Inc.)

R2 AODDriver4.3.0; C:\\Program Files (x86)\\AMD\\OverDrive\\amd64\\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)

R3 dtlitescsibus; C:\\WINDOWS\\System32\\drivers\\dtlitescsibus.sys [30264 2017-01-01] (Disc Soft Ltd)

R3 dtliteusbbus; C:\\WINDOWS\\System32\\drivers\\dtliteusbbus.sys [47672 2017-01-01] (Disc Soft Ltd)

S3 ibtusb; C:\\WINDOWS\\system32\\DRIVERS\\ibtusb.sys [231168 2017-01-13] (Intel Corporation)

R3 MBAMSwissArmy; C:\\WINDOWS\\System32\\Drivers\\mbamswissarmy.sys [252232 2017-10-09] (Malwarebytes)

S3 NetAdapterCx; C:\\WINDOWS\\System32\\drivers\\NetAdapterCx.sys [90624 2016-07-16] ()

S3 NETwNb64; C:\\WINDOWS\\System32\\drivers\\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)

R3 nvlddmkm; C:\\WINDOWS\\System32\\DriverStore\\FileRepository\\nv_dispi.inf_amd64_ce1961376673184c\\nvlddmkm.sys [15600248 2017-08-23] (NVIDIA Corporation)

S3 NvStreamKms; C:\\Program Files\\NVIDIA Corporation\\NvStreamSrv\\NvStreamKms.sys [30328 2017-08-22] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\\WINDOWS\\system32\\drivers\\nvvad64v.sys [48248 2017-08-22] (NVIDIA Corporation)

R3 nvvhci; C:\\WINDOWS\\System32\\drivers\\nvvhci.sys [57976 2017-08-22] (NVIDIA Corporation)

R3 rt640x64; C:\\WINDOWS\\System32\\drivers\\rt640x64.sys [589824 2016-07-16] (Realtek )

R2 rzpmgrk; C:\\Windows\\system32\\drivers\\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)

R2 rzpnk; C:\\Windows\\system32\\drivers\\rzpnk.sys [137840 2016-09-08] (Razer, Inc.)

R3 sshid; C:\\WINDOWS\\System32\\drivers\\sshid.sys [52952 2016-11-26] (SteelSeries ApS)

S3 WdBoot; C:\\WINDOWS\\system32\\drivers\\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)

S3 WdFilter; C:\\WINDOWS\\system32\\drivers\\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)

S3 WdNisDrv; C:\\WINDOWS\\System32\\Drivers\\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

R3 xhunter1; C:\\WINDOWS\\xhunter1.sys [38368 2017-10-09] (Wellbia.com Co., Ltd.)

S3 XtuAcpiDriver; C:\\WINDOWS\\System32\\drivers\\XtuAcpiDriver.sys [63840 2016-12-15] (Intel Corporation)

S2 AODDriver4.3; \\??\\C:\\Program Files\\AMD\\ATI.ACE\\Fuel\\amd64\\AODDriver2.sys [X]

S2 APXACC; \\SystemRoot\\system32\\DRIVERS\\appexDrv.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2017-10-10 00:11 - 2017-10-10 00:11 - 000018511 _____ C:\\Users\\CJ\\Downloads\\FRST.txt

2017-10-10 00:11 - 2017-10-10 00:11 - 000000000 ____D C:\\FRST

2017-10-10 00:09 - 2017-10-10 00:10 - 002401792 _____ (Farbar) C:\\Users\\CJ\\Downloads\\FRST64.exe

2017-10-09 23:48 - 2017-10-09 23:48 - 000252232 _____ (Malwarebytes) C:\\WINDOWS\\system32\\Drivers\\mbamswissarmy.sys

2017-10-09 23:48 - 2017-10-09 23:48 - 000001912 _____ C:\\Users\\Public\\Desktop\\Malwarebytes.lnk

2017-10-09 23:48 - 2017-10-09 23:48 - 000000000 ____D C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Malwarebytes

2017-10-09 23:48 - 2017-10-04 13:15 - 000077440 _____ C:\\WINDOWS\\system32\\Drivers\\mbae64.sys

2017-10-09 23:47 - 2017-10-09 23:47 - 000000000 ____D C:\\ProgramData\\Malwarebytes

2017-10-09 23:47 - 2017-10-09 23:47 - 000000000 ____D C:\\Program Files\\Malwarebytes

2017-10-09 23:35 - 2017-10-09 23:40 - 071535032 _____ (Malwarebytes ) C:\\Users\\CJ\\Downloads\\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951.exe

2017-10-09 21:17 - 2017-10-09 21:17 - 000001141 _____ C:\\Users\\Public\\Desktop\\Hotspot Shield.lnk

2017-10-09 21:17 - 2017-10-09 21:17 - 000000000 ____D C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Hotspot Shield

2017-10-09 21:17 - 2017-10-09 21:17 - 000000000 ____D C:\\Program Files (x86)\\Hotspot Shield

2017-10-09 20:39 - 2017-10-09 21:15 - 017316208 _____ (AnchorFree Inc.) C:\\Users\\CJ\\Downloads\\HotspotShield-7.1.4-14117277.exe

2017-10-08 22:15 - 2017-10-08 22:15 - 000172544 _____ C:\\Users\\CJ\\Downloads\\API_SH.XPD.PUBL_DS2_en_excel_v2.xls

2017-10-08 21:07 - 2017-10-08 21:07 - 000050870 _____ C:\\Users\\CJ\\Downloads\\medical-kit.psd

2017-10-08 21:07 - 2017-10-08 21:07 - 000004203 _____ C:\\Users\\CJ\\Downloads\\medical-kit.eps

2017-10-08 21:06 - 2017-10-08 21:06 - 000002137 _____ C:\\Users\\CJ\\Downloads\\medical-kit.svg

2017-10-07 02:46 - 2017-10-07 02:46 - 000000165 ____H C:\\Users\\CJ\\Downloads\\~$Marketofy 2.0 - 16x9 - MAIN.pptx

2017-10-07 02:43 - 2017-10-07 02:43 - 000000165 ____H C:\\Users\\CJ\\Downloads\\~$Marketofy - 16x9 - Colored Light.pptx

2017-10-07 00:18 - 2017-10-07 00:19 - 000000165 ____H C:\\Users\\CJ\\Downloads\\~$Hospitals_10.6.2017.xlsx

2017-10-06 23:27 - 2017-10-09 01:10 - 001786776 _____ C:\\Users\\CJ\\Downloads\\Hospitals_10.6.2017.xlsx

2017-10-06 23:27 - 2017-10-06 23:27 - 000230723 _____ C:\\Users\\CJ\\Downloads\\Beds ppt_10.6.2017.pptx

2017-10-05 23:13 - 2017-10-05 23:16 - 017316208 _____ (AnchorFree Inc.) C:\\Users\\CJ\\Downloads\\HotspotShield-7.1.4-13784716.exe

2017-10-05 23:07 - 2017-10-05 23:07 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Mudfish Cloud VPN

2017-10-05 23:06 - 2017-10-05 23:06 - 001832496 _____ C:\\Users\\CJ\\Downloads\\mudfish-4.4.6-x86_64-win2k-setup.exe

2017-10-03 01:48 - 2017-10-03 01:49 - 000000000 ____D C:\\Program Files (x86)\\Mozilla Firefox

2017-10-02 22:18 - 2015-10-11 11:52 - 052451274 _____ C:\\Users\\CJ\\Desktop\\Marketofy - 16x9 - Colored Light.pptx

2017-10-02 21:25 - 2017-10-03 01:52 - 000255099 _____ C:\\Users\\CJ\\Downloads\\Hospitals.xlsx

2017-10-02 21:25 - 2017-10-02 21:25 - 000227451 _____ C:\\Users\\CJ\\Downloads\\Beds ppt.pptx

2017-10-02 20:40 - 2017-10-02 20:40 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\Viber

2017-10-02 20:36 - 2017-10-09 01:04 - 002926060 _____ C:\\Users\\CJ\\Downloads\\\'17 CPA T&D_Hospitals_Part 1 Industry and Regulations+.pptx

2017-10-02 20:36 - 2017-10-02 20:36 - 000151753 _____ C:\\Users\\CJ\\Downloads\\implementing_guidelines_0.pdf

2017-10-02 20:36 - 2017-10-02 20:36 - 000002486 _____ C:\\Users\\CJ\\Downloads\\Agenda.txt

2017-10-02 00:16 - 2017-10-02 00:16 - 000000000 ____D C:\\Users\\Default\\AppData\\Local\\Google

2017-10-02 00:16 - 2017-10-02 00:16 - 000000000 ____D C:\\Users\\Default User\\AppData\\Local\\Google

2017-10-02 00:12 - 2017-01-02 17:00 - 010600703 _____ C:\\Users\\CJ\\Downloads\\Marketofy 2.0 - 16x9 - MAIN.pptx

2017-10-02 00:06 - 2017-10-09 23:33 - 000000000 ___RD C:\\Users\\CJ\\Google Drive

2017-10-02 00:06 - 2017-10-02 00:06 - 000001757 _____ C:\\Users\\CJ\\Desktop\\Google Drive.lnk

2017-10-01 23:54 - 2017-10-01 23:54 - 000279068 _____ C:\\Users\\CJ\\Downloads\\hospitals_032015.pdf

2017-10-01 23:35 - 2015-10-11 11:52 - 052451274 _____ C:\\Users\\CJ\\Downloads\\Marketofy - 16x9 - Colored Light.pptx

2017-10-01 23:01 - 2017-10-02 00:17 - 000002103 _____ C:\\Users\\Public\\Desktop\\Google Docs.lnk

2017-10-01 23:01 - 2017-10-02 00:17 - 000000000 ____D C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Google Drive

2017-10-01 23:01 - 2017-10-01 23:01 - 000759525 _____ C:\\Users\\CJ\\Downloads\\Hospital Training_Part 5_+.pptx

2017-10-01 22:57 - 2017-10-01 22:57 - 001130328 _____ (Google Inc.) C:\\Users\\CJ\\Downloads\\googledrivesync.exe

2017-10-01 22:53 - 2017-10-02 01:51 - 000000000 ____D C:\\Users\\CJ\\Desktop\\Hospital Training

2017-10-01 22:51 - 2017-10-01 22:51 - 028081172 _____ C:\\Users\\CJ\\Desktop\\Industries 2017.rar

2017-10-01 22:22 - 2017-10-01 22:23 - 001206627 _____ C:\\Users\\CJ\\Downloads\\CTA_1D_CV_06746_D_2009FEB23_ASS.pdf

2017-10-01 22:02 - 2017-10-01 22:02 - 000096644 _____ C:\\Users\\CJ\\Downloads\\hospitals_032015.xlsx

2017-10-01 22:00 - 2017-10-01 22:00 - 000156391 _____ C:\\Users\\CJ\\Downloads\\hospitals_122016.xlsx

2017-10-01 21:58 - 2017-10-01 21:58 - 000358158 _____ C:\\Users\\CJ\\Downloads\\hospitals_122016.pdf

2017-10-01 18:25 - 2017-10-01 17:12 - 300769661 _____ C:\\Users\\CJ\\Documents\\EZ ppt.zip

2017-10-01 17:13 - 2017-01-02 19:01 - 000000000 ____D C:\\Users\\CJ\\Downloads\\__MACOSX

2017-10-01 17:13 - 2016-09-12 12:46 - 000000000 ____D C:\\Users\\CJ\\Downloads\\Marketofy v2.0 Powerpoint Template

2017-10-01 16:28 - 2017-10-01 17:12 - 300769661 _____ C:\\Users\\CJ\\Downloads\\graphicriver-13231486-marketofy-ultimate-powerpoint-template.zip

2017-10-01 16:14 - 2017-10-01 22:30 - 000000000 ____D C:\\Users\\CJ\\Downloads\\Hospitals

2017-10-01 16:03 - 2017-10-01 16:03 - 003776597 _____ C:\\Users\\CJ\\Downloads\\MPIC 2016 17A - FINAL.pdf

2017-10-01 15:48 - 2017-10-01 16:10 - 009307480 _____ C:\\Users\\CJ\\Downloads\\Unconfirmed 71936.crdownload

2017-10-01 15:09 - 2017-10-01 15:42 - 051981638 _____ C:\\Users\\CJ\\Downloads\\Unconfirmed 721227.crdownload

2017-10-01 09:26 - 2017-10-01 09:26 - 001120545 _____ C:\\Users\\CJ\\Downloads\\Healthcare ph 2015.pdf

2017-10-01 09:26 - 2017-10-01 09:26 - 000998300 _____ C:\\Users\\CJ\\Downloads\\Healthcare ph 2016.pdf

2017-10-01 09:23 - 2017-10-01 09:23 - 000783896 _____ C:\\Users\\CJ\\Downloads\\study_id44300_the-philippines.pdf

2017-10-01 09:20 - 2017-10-01 09:20 - 002991957 _____ C:\\Users\\CJ\\Downloads\\MarketResearch.com_10702756.pdf

2017-10-01 09:09 - 2017-10-01 09:09 - 005303043 _____ C:\\Users\\CJ\\Downloads\\Philippines Country Risk Report.pdf

2017-10-01 05:48 - 2017-10-01 05:31 - 000110144 _____ (Oracle Corporation) C:\\WINDOWS\\SysWOW64\\WindowsAccessBridge-64.dll

2017-10-01 05:44 - 2017-10-01 05:47 - 057217088 _____ (Oracle Corporation) C:\\Users\\CJ\\Downloads\\jre-8u144-windows-i586.exe

2017-10-01 05:39 - 2017-10-01 05:42 - 063119957 _____ C:\\Users\\CJ\\Downloads\\jre-8u144-windows-i586.tar.gz

2017-10-01 05:35 - 2017-10-01 05:35 - 000001232 _____ C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Mozilla Firefox.lnk

2017-10-01 05:35 - 2017-10-01 05:35 - 000001220 _____ C:\\Users\\Public\\Desktop\\Mozilla Firefox.lnk

2017-10-01 05:35 - 2017-10-01 05:35 - 000000000 ____D C:\\ProgramData\\Mozilla

2017-10-01 05:32 - 2017-10-01 05:48 - 000000000 ____D C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Java

2017-10-01 05:32 - 2017-10-01 05:05 - 001085344 _____ (Oracle Corporation) C:\\WINDOWS\\system32\\npDeployJava1.dll

2017-10-01 05:32 - 2017-10-01 05:05 - 000963488 _____ (Oracle Corporation) C:\\WINDOWS\\system32\\deployJava1.dll

2017-10-01 05:30 - 2017-10-01 05:48 - 000000000 ____D C:\\Program Files (x86)\\Java

2017-10-01 05:30 - 2017-10-01 05:47 - 000270912 _____ (Oracle Corporation) C:\\WINDOWS\\SysWOW64\\javaws.exe

2017-10-01 05:30 - 2017-10-01 05:47 - 000097856 _____ (Oracle Corporation) C:\\WINDOWS\\SysWOW64\\WindowsAccessBridge-32.dll

2017-10-01 05:30 - 2017-10-01 05:30 - 000867240 _____ (Oracle Corporation) C:\\WINDOWS\\SysWOW64\\npDeployJava1.dll

2017-10-01 05:30 - 2017-10-01 05:30 - 000789416 _____ (Oracle Corporation) C:\\WINDOWS\\SysWOW64\\deployJava1.dll

2017-10-01 05:30 - 2017-10-01 05:30 - 000000000 ____D C:\\ProgramData\\Sun

2017-10-01 05:22 - 2017-10-01 05:25 - 036445280 _____ C:\\Users\\CJ\\Downloads\\Firefox Setup 33.0.2.exe

2017-10-01 05:21 - 2017-10-01 05:25 - 031714728 _____ (Oracle Corporation) C:\\Users\\CJ\\Downloads\\jre-7u25-windows-i586.exe

2017-10-01 05:10 - 2017-10-01 05:11 - 008624296 _____ (Mozilla) C:\\Users\\CJ\\Downloads\\FirefoxSetup3.6.28.exe

2017-10-01 05:05 - 2017-10-01 05:32 - 000000000 ____D C:\\Program Files\\Java

2017-10-01 05:05 - 2017-10-01 05:31 - 000319552 _____ (Oracle Corporation) C:\\WINDOWS\\system32\\javaws.exe

2017-10-01 05:05 - 2017-10-01 05:31 - 000110144 _____ (Oracle Corporation) C:\\WINDOWS\\system32\\WindowsAccessBridge-64.dll

2017-10-01 05:02 - 2017-10-01 05:02 - 000002710 _____ C:\\WINDOWS\\mozver.dat

2017-10-01 05:00 - 2017-10-01 05:00 - 004918270 _____ (Mozilla) C:\\Users\\CJ\\Downloads\\Firefox Setup 1.0.exe

2017-10-01 04:58 - 2017-10-01 05:01 - 032999840 _____ (Oracle Corporation) C:\\Users\\CJ\\Downloads\\jre-7u15-windows-x64.exe

2017-10-01 04:48 - 2017-10-01 04:48 - 000000000 ____D C:\\Users\\CJ\\AppData\\LocalLow\\Sun

2017-10-01 04:47 - 2017-10-01 05:49 - 000000000 ____D C:\\ProgramData\\Oracle

2017-10-01 04:47 - 2017-10-01 04:47 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\Sun

2017-10-01 04:39 - 2017-10-01 04:43 - 065365056 _____ (Oracle Corporation) C:\\Users\\CJ\\Downloads\\jre-8u144-windows-x64.exe

2017-09-30 19:37 - 2017-09-30 19:41 - 070683081 _____ C:\\Users\\CJ\\Downloads\\jre-9_windows-x64_bin.tar.gz

2017-09-30 19:16 - 2017-09-30 19:16 - 000245712 _____ (Mozilla) C:\\Users\\CJ\\Downloads\\Firefox Installer.exe

2017-09-30 19:07 - 2017-09-30 19:07 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\{3248F0A6-6813-11D6-A77B-00B0D0150050}

2017-09-30 18:45 - 2017-09-30 18:45 - 016433280 _____ (Sun Microsystems, Inc. ) C:\\Users\\CJ\\Downloads\\jre_1_5_0_05.exe

2017-09-30 18:04 - 2017-09-30 18:04 - 001418410 _____ C:\\Users\\CJ\\Downloads\\Summary of HB No. 5636 and SB No. 1592 (Tax Reform Bill).pdf

2017-09-30 14:26 - 2017-09-30 14:26 - 000027394 _____ C:\\Users\\CJ\\Downloads\\2016_Summary of Mt. Grace Hospitals (1).xlsx

2017-09-29 06:28 - 2017-09-29 06:28 - 000465466 _____ C:\\Users\\CJ\\Downloads\\ATISCO_8 30 2017_Working Trial Balance.xlsx

2017-09-28 21:41 - 2017-09-28 21:41 - 005024016 _____ C:\\Users\\CJ\\Downloads\\2016_HMSI_WTB_7 14 2017_9 18 2017 v3.xlsx

2017-09-26 21:01 - 2017-09-26 23:29 - 000009651 _____ C:\\Users\\CJ\\Downloads\\Cash Flow.xlsx

2017-09-24 23:48 - 2017-09-25 01:10 - 000000000 ____D C:\\Users\\CJ\\Desktop\\Industries 2017

2017-09-24 23:34 - 2017-09-24 23:34 - 001382389 _____ C:\\Users\\CJ\\Downloads\\MLIP2373-0038.pdf

2017-09-23 12:58 - 2017-09-23 12:58 - 002836805 _____ C:\\Users\\CJ\\Downloads\\2017_SFCMCI_PFRS Disclosure Checklist.xlsx

2017-09-22 12:27 - 2017-09-22 12:27 - 000468620 _____ C:\\Users\\CJ\\Downloads\\YTMI_6 30 2017_Working Trial Balance_edt.xlsx

2017-09-21 23:29 - 2017-10-09 21:17 - 000000000 ____D C:\\ProgramData\\Hotspot Shield

2017-09-21 22:51 - 2017-09-21 23:00 - 015269888 _____ (AnchorFree Inc.) C:\\Users\\CJ\\Downloads\\HotspotShield-7.1.3-12690018.exe

2017-09-20 21:26 - 2017-09-20 21:26 - 000000000 ____D C:\\Users\\CJ\\ansel

2017-09-20 21:25 - 2017-10-09 23:57 - 000038368 _____ (Wellbia.com Co., Ltd.) C:\\WINDOWS\\xhunter1.sys

2017-09-20 21:23 - 2017-09-30 02:44 - 000000000 ____D C:\\Users\\CJ\\Documents\\Black Desert

2017-09-20 00:24 - 2017-09-20 00:39 - 002153872 _____ C:\\Users\\CJ\\Downloads\\2017_YRC_Presentation_CJP.pptx

2017-09-20 00:15 - 2017-09-20 00:19 - 002118525 _____ C:\\Users\\CJ\\Downloads\\2017_YRC_Presentation for CJP 9 20 2017.pptx

2017-09-19 23:38 - 2017-09-19 23:38 - 000011578 _____ C:\\Users\\CJ\\Downloads\\Recovery.xlsx

2017-09-19 23:27 - 2017-09-19 23:27 - 000026396 _____ C:\\Users\\CJ\\Downloads\\2017_Torres Group_Time Charges.xlsx

2017-09-19 23:27 - 2017-09-19 23:27 - 000014193 _____ C:\\Users\\CJ\\Downloads\\2017_Cabrini_Time Charges.xlsx

2017-09-19 23:23 - 2017-09-19 23:23 - 002033199 _____ C:\\Users\\CJ\\Downloads\\2017_YRC_Presentation CJP.pptx

2017-09-19 22:14 - 2017-09-19 23:22 - 002033196 _____ C:\\Users\\CJ\\Downloads\\2017_YRC_Presentation ttech 2017.pptx

2017-09-18 20:47 - 2017-09-18 20:47 - 000334745 _____ C:\\Users\\CJ\\Downloads\\September 18 Managers Meeting_+.pdf

2017-09-18 07:15 - 2017-09-18 07:15 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\TeamViewer

2017-09-18 07:13 - 2017-10-05 22:52 - 000000000 ____D C:\\Program Files (x86)\\TeamViewer

2017-09-18 07:13 - 2017-09-18 07:13 - 000001116 _____ C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\TeamViewer 12.lnk

2017-09-18 07:13 - 2017-09-18 07:13 - 000001104 _____ C:\\Users\\Public\\Desktop\\TeamViewer 12.lnk

2017-09-18 07:13 - 2017-09-18 07:13 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\TeamViewer

2017-09-18 07:13 - 2016-11-28 18:55 - 000035112 _____ (TeamViewer GmbH) C:\\WINDOWS\\system32\\Drivers\\teamviewervpn.sys

2017-09-18 06:35 - 2017-09-18 06:51 - 015756368 _____ (TeamViewer GmbH) C:\\Users\\CJ\\Downloads\\TeamViewer_Setup.exe

2017-09-17 20:40 - 2017-09-17 20:40 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\cache

2017-09-17 20:33 - 2017-09-17 20:33 - 000000000 ____D C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\PlaysTV

2017-09-17 20:30 - 2017-09-17 20:30 - 000000000 ____D C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Games

2017-09-17 14:36 - 2017-10-09 23:55 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\BlackDesertOnline

2017-09-17 14:34 - 2017-10-09 23:57 - 000000000 ____D C:\\Program Files (x86)\\Black Desert Online

2017-09-17 14:34 - 2017-09-17 14:34 - 000002083 _____ C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Black Desert Online.lnk

2017-09-17 14:34 - 2017-09-17 14:34 - 000002077 _____ C:\\Users\\Public\\Desktop\\Black Desert Online.lnk

2017-09-17 14:34 - 2017-09-17 14:34 - 000000000 ___HD C:\\Program Files (x86)\\InstallShield Installation Information

2017-09-17 14:34 - 2017-09-17 14:34 - 000000000 ____D C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Black Desert Online

2017-09-17 14:00 - 2017-09-17 14:02 - 051930432 _____ (Kakao Games Europe B.V.) C:\\Users\\CJ\\Downloads\\BlackDesertOnlineSetup_20170726_1022.exe

2017-09-17 12:02 - 2017-09-17 12:02 - 000002584 _____ C:\\Users\\CJ\\Desktop\\Windows 7 USB DVD Download Tool.lnk

2017-09-17 12:02 - 2017-09-17 12:02 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Windows 7 USB DVD Download Tool

2017-09-17 12:02 - 2017-09-17 12:02 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\Apps\\Windows 7 USB DVD Download Tool

2017-09-17 12:01 - 2017-09-17 12:01 - 002721168 _____ (Microsoft Corporation) C:\\Users\\CJ\\Downloads\\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe

2017-09-17 11:57 - 2017-09-17 11:58 - 000000000 ___HD C:\\$WINDOWS.~BT

2017-09-14 23:00 - 2017-09-14 23:00 - 000214044 _____ C:\\Users\\CJ\\Downloads\\Jowel Pelayo.pdf

2017-09-14 06:53 - 2017-09-14 06:53 - 005408934 _____ C:\\Users\\CJ\\Downloads\\IFRS 9 Impairment.pptx

2017-09-14 06:10 - 2017-09-14 06:59 - 001969878 _____ C:\\Users\\CJ\\Downloads\\2017_YRC_Presentation for CJP.pptx

2017-09-11 23:22 - 2017-09-11 23:22 - 000284224 _____ C:\\Users\\CJ\\Downloads\\\'17 TTCC RTC Status of Audit Requirements 9 11 2017.pdf

2017-09-11 21:18 - 2017-09-19 11:13 - 000000000 ____D C:\\Users\\CJ\\Documents\\Buffwerke

2017-09-11 20:46 - 2017-09-11 20:46 - 000174588 _____ C:\\Users\\CJ\\Downloads\\AMCMLabResult (2).pdf

2017-09-10 22:47 - 2017-10-09 22:57 - 000000000 ____D C:\\Users\\CJ\\Documents\\ViberDownloads

2017-09-10 22:42 - 2017-10-09 23:32 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\ViberPC

2017-09-10 22:42 - 2017-09-10 22:42 - 000001030 _____ C:\\Users\\CJ\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Viber.lnk

2017-09-10 22:42 - 2017-09-10 22:42 - 000001028 _____ C:\\Users\\CJ\\Desktop\\Viber.lnk

2017-09-10 22:42 - 2017-09-10 22:42 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Viber

2017-09-10 22:42 - 2017-09-10 22:42 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\Viber Media S.à r.l

2017-09-10 22:42 - 2017-09-10 22:42 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\Package Cache

2017-09-10 22:30 - 2017-09-10 22:36 - 084390144 _____ (Viber Media Inc.) C:\\Users\\CJ\\Downloads\\ViberSetup (1).exe

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2017-10-09 23:39 - 2016-12-16 09:32 - 000000000 ____D C:\\Users\\CJ

2017-10-09 23:38 - 2017-09-02 09:10 - 000000000 ____D C:\\Program Files (x86)\\Mudfish Cloud VPN

2017-10-09 23:33 - 2017-01-14 17:39 - 000000000 ____D C:\\ProgramData\\NVIDIA

2017-10-09 23:33 - 2016-11-27 03:33 - 000000000 ____D C:\\Program Files (x86)\\Steam

2017-10-09 23:30 - 2016-12-16 09:40 - 000000006 ____H C:\\WINDOWS\\Tasks\\SA.DAT

2017-10-09 23:30 - 2016-07-16 14:04 - 000524288 _____ C:\\WINDOWS\\system32\\config\\BBI

2017-10-09 23:02 - 2016-12-16 09:27 - 000000000 ____D C:\\WINDOWS\\system32\\SleepStudy

2017-10-09 22:32 - 2017-01-10 20:06 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\Spotify

2017-10-09 22:32 - 2017-01-10 20:02 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\Spotify

2017-10-09 21:16 - 2016-12-16 09:29 - 000000000 ____D C:\\ProgramData\\Package Cache

2017-10-09 00:14 - 2016-11-27 15:14 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\Packages

2017-10-08 21:58 - 2016-07-16 19:47 - 000000000 ____D C:\\WINDOWS\\system32\\NDF

2017-10-07 12:37 - 2017-07-30 10:59 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\discord

2017-10-07 12:25 - 2016-12-22 23:07 - 000000000 ____D C:\\Program Files (x86)\\Mozilla Maintenance Service

2017-10-06 21:31 - 2016-11-27 20:57 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\vlc

2017-10-01 23:01 - 2016-11-27 02:53 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\Google

2017-10-01 23:01 - 2016-11-27 02:53 - 000000000 ____D C:\\Program Files (x86)\\Google

2017-10-01 22:49 - 2017-01-14 17:19 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\CrashDumps

2017-10-01 05:35 - 2016-12-22 23:08 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\Mozilla

2017-10-01 05:01 - 2016-12-22 23:08 - 000000000 ____D C:\\Users\\CJ\\AppData\\LocalLow\\Mozilla

2017-09-30 02:37 - 2016-07-16 19:47 - 000000000 ____D C:\\ProgramData\\regid.1991-06.com.microsoft

2017-09-30 02:35 - 2016-11-27 02:57 - 000000000 ____D C:\\Program Files (x86)\\Microsoft Office

2017-09-26 08:39 - 2016-11-27 02:56 - 000002272 _____ C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Google Chrome.lnk

2017-09-26 08:39 - 2016-11-27 02:56 - 000002260 _____ C:\\Users\\Public\\Desktop\\Google Chrome.lnk

2017-09-24 23:55 - 2017-09-02 18:59 - 000000000 ____D C:\\Users\\CJ\\Desktop\\9.2.17

2017-09-22 23:07 - 2017-08-27 22:09 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\obs-studio

2017-09-22 23:00 - 2017-07-25 21:10 - 000003372 _____ C:\\WINDOWS\\System32\\Tasks\\OneDrive Standalone Update Task-S-1-5-21-2908262934-1883109290-1439357133-1002

2017-09-22 23:00 - 2016-11-27 15:17 - 000002358 _____ C:\\Users\\CJ\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\OneDrive.lnk

2017-09-22 23:00 - 2016-11-27 15:17 - 000000000 ___RD C:\\Users\\CJ\\OneDrive

2017-09-22 22:55 - 2017-01-14 18:50 - 000000000 ____D C:\\Users\\CJ\\AppData\\Local\\NVIDIA Corporation

2017-09-20 21:11 - 2016-12-16 09:27 - 000338176 _____ C:\\WINDOWS\\system32\\FNTCACHE.DAT

2017-09-19 12:01 - 2017-02-14 21:35 - 000026149 _____ C:\\Users\\CJ\\Downloads\\Percentage tax.xlsx

2017-09-19 11:16 - 2017-01-09 19:59 - 000000000 ____D C:\\eBIRForms

2017-09-18 19:36 - 2016-12-30 00:39 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\uTorrent

2017-09-18 07:13 - 2016-07-16 19:45 - 000000000 ____D C:\\WINDOWS\\INF

2017-09-17 20:40 - 2016-11-26 23:41 - 000000000 ____D C:\\Users\\CJ\\AppData\\Roaming\\Skype

2017-09-17 20:33 - 2016-11-27 00:06 - 000000000 ____D C:\\Program Files (x86)\\Raptr Inc

2017-09-17 20:30 - 2016-11-27 03:34 - 000000000 ____D C:\\Games

2017-09-17 20:25 - 2016-12-16 09:29 - 000000000 ____D C:\\Program Files (x86)\\AMD

2017-09-17 11:58 - 2016-12-17 01:26 - 000000000 ___DC C:\\WINDOWS\\Panther

2017-09-17 11:58 - 2016-12-16 09:42 - 000001908 _____ C:\\WINDOWS\\diagwrn.xml

2017-09-17 11:58 - 2016-12-16 09:42 - 000001908 _____ C:\\WINDOWS\\diagerr.xml

 

Some files in TEMP:

====================

2017-10-02 20:50 - 2017-10-09 23:57 - 000000084 _____ () C:\\Users\\CJ\\AppData\\Local\\Temp\\1da6952ce9f53da2eaf3d388206d3aa1.dll

2017-10-02 02:01 - 2017-10-02 02:01 - 000000180 _____ () C:\\Users\\CJ\\AppData\\Local\\Temp\\6699d3ee8dd9cf775caae782c8f44f03.dll

 

==================== Bamital & volsnap ======================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\\WINDOWS\\system32\\winlogon.exe => File is digitally signed

C:\\WINDOWS\\system32\\wininit.exe => File is digitally signed

C:\\WINDOWS\\explorer.exe => File is digitally signed

C:\\WINDOWS\\SysWOW64\\explorer.exe => File is digitally signed

C:\\WINDOWS\\system32\\svchost.exe => File is digitally signed

C:\\WINDOWS\\SysWOW64\\svchost.exe => File is digitally signed

C:\\WINDOWS\\system32\\services.exe => File is digitally signed

C:\\WINDOWS\\system32\\User32.dll => File is digitally signed

C:\\WINDOWS\\SysWOW64\\User32.dll => File is digitally signed

C:\\WINDOWS\\system32\\userinit.exe => File is digitally signed

C:\\WINDOWS\\SysWOW64\\userinit.exe => File is digitally signed

C:\\WINDOWS\\system32\\rpcss.dll => File is digitally signed

C:\\WINDOWS\\system32\\dnsapi.dll => File is digitally signed

C:\\WINDOWS\\SysWOW64\\dnsapi.dll => File is digitally signed

C:\\WINDOWS\\system32\\Drivers\\volsnap.sys => File is digitally signed

 

LastRegBack: 2017-10-05 20:46

 

==================== End of FRST.txt ============================

