PotatoUser
2017-10-13, 02:42
My computer was slow in shutting down last night and while scanning with glary utilities the program freezes with 'ixt0.dll' highlighted.
any help will be most appreciated.
Here is the logs.
___
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2017
Ran by Ryan Nakai (administrator) on LICORICE-PC (12-10-2017 17:22:44)
Running from C:\Users\Ryan Nakai\Desktop
Loaded Profiles: Ryan Nakai (Available Profiles: Ryan Nakai & DefaultAppPool)
Platform: Windows 10 Pro 170602-2340 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Windows\System32\GManager.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
() C:\Windows\System32\mlpatch.exe
(Foxit Software Inc.) C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Magic Control Technology Corporation) C:\Program Files (x86)\Common Files\DesktopUtil\MCTDUtil.exe
(Magic Control Technology Corporation) C:\Program Files (x86)\Common Files\DesktopUtil\FDispPos.exe
(Magic Control Technology Corporation) C:\Program Files (x86)\MCT Corp\UVTP100\Driver\TUCCDUTIL\TUCCD.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Google Inc.) C:\Users\Ryan Nakai\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(Google, Inc) C:\Users\Ryan Nakai\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MCTDUtil] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [FDispPos] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [TUCCDUtil] => C:\Program Files (x86)\MCT Corp\UVTP100\Driver\TUCCDUTIL\TUCCD.exe [1895120 2016-02-19] (Magic Control Technology Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5088872 2017-08-07] (Box, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-07-21] (Razer Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-10-03] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [Google Update] => C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [MusicManager] => C:\Users\Ryan Nakai\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7643136 2016-02-01] (Google Inc.)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3101984 2017-10-11] (Valve Corporation)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25622168 2017-08-31] (Google)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2017-09-27] (Glarysoft Ltd)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [Google Photos Backup] => C:\Users\Ryan Nakai\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [GoogleChromeAutoLaunch_01263A5253C555C4A9D4CAD3ADB95ECB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\MountPoints2: {69802939-7361-11e5-9bcc-d48564b6502e} - "I:\VerizonSWUpgradeAssistantLauncher.exe"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-02-13]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-09-22]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{69b9a6f4-8ea2-49ce-9859-b593bb2652a7}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-08-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-08-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-09-19] (DVDVideoSoft Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-10-29] (DVDVideoSoft Ltd.)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default [2017-10-08]
FF user.js: detected! => C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\user.js [2014-11-04]
FF Extension: (Click&Clean) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\clickclean@hotcleaner.com [2016-05-01]
FF Extension: (Pocket) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\isreaditlater@ideashower.com [2015-05-30]
FF Extension: (NoScript) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-09-28]
FF Extension: (WOT) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2017-09-28]
FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-01-13] [not signed]
FF Extension: (Video DownloadHelper) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-06-04]
FF Extension: (Adblock Plus) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-11]
FF Extension: (DownThemAll!) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-01]
FF SearchPlugin: C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\searchplugins\youtube-video-search.xml [2013-05-21]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_159.dll [2017-10-10] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_159.dll [2017-10-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-02-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-02-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-02-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-02-28] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3813752901-3998910076-3428625962-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3813752901-3998910076-3428625962-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3813752901-3998910076-3428625962-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ryan Nakai\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-24] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "chrome://apps/"
CHR NewTab: Default -> Active:"chrome-extension://dbfmnekepjoapopniengjbcpnbljalfg/index.html"
CHR Profile: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default [2017-10-12]
CHR Extension: (Slides) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Type Case) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgojplakjihkbpjdemlbedkkgpbojeg [2016-12-17]
CHR Extension: (Just Type) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbmjhlgdihdaebioelepgldgojpkjag [2014-07-19]
CHR Extension: (Docs) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Desmos Graphing Calculator) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhdheahnajobgndecdbggfmcojekgdko [2014-04-16]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-07-12]
CHR Extension: (YouTube) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Solitaire) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim [2016-12-16]
CHR Extension: (Honey) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-10-10]
CHR Extension: (eBay) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2014-04-09]
CHR Extension: (HTML5 Analog Clock) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbfcckmhbpkjgfcnbgfmdodnlokimjdc [2014-05-11]
CHR Extension: (Adblock Plus) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-28]
CHR Extension: (Pushbullet) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2017-10-09]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2016-06-02]
CHR Extension: (Google Search) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Infinity New Tab) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbfmnekepjoapopniengjbcpnbljalfg [2017-09-06]
CHR Extension: (Calculator) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\decmldkknaaemlafplkkdmmmelbdnlja [2017-09-27]
CHR Extension: (Polarr Photo Editor) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2017-06-18]
CHR Extension: (Timer) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2013-05-20]
CHR Extension: (Google Calendar) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (Box) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2015-04-29]
CHR Extension: (AudioRecorder) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\enhfkjkjfhhdibpgjmiamdcdgmcjpplk [2015-10-05]
CHR Extension: (Google Play Music) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2017-09-28]
CHR Extension: (Sheets) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Play Movies) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\fppdphmgcddhjeddoeghpjefkdlccljb [2013-02-16]
CHR Extension: (Calendar Clock) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\galgfocamdohgeifjlbefkfpaalankfi [2016-07-22]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-08-23]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2017-10-09]
CHR Extension: (Digital Clock) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2013-05-15]
CHR Extension: (Google Docs Offline) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-16]
CHR Extension: (Planetarium) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2015-08-07]
CHR Extension: (AdBlock) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-04]
CHR Extension: (History Eraser) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2017-09-24]
CHR Extension: (Google Keep - notes and lists) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-10-11]
CHR Extension: (Clock) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoihofapbdnldlhecnhefifbcddgdkhm [2014-05-11]
CHR Extension: (Crackle) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2015-09-09]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-07-18]
CHR Extension: (Google Play Music) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-07]
CHR Extension: (The Weather Channel for Chrome) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2013-02-11]
CHR Extension: (1-click-timer) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\igloknlllonknnbkfgggfkigmeegmakf [2017-03-05]
CHR Extension: (Dropbox) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-06-30]
CHR Extension: (Voice to Text) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcdafhjjjfnkoeilnjmnadadaoehgdc [2017-08-04]
CHR Extension: (Matthew Bauer) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhficiigpnhhaojldmanflihieepanbb [2016-01-05]
CHR Extension: (Pocket Website) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap [2013-07-19]
CHR Extension: (History Eraser App) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjolhjmdgbhebcdnfjhngobjggghoipa [2016-07-15]
CHR Extension: (Calculator) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\joodangkbfjnajiiifokapkpmhfnpleo [2016-05-17]
CHR Extension: (Google Play) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-02-11]
CHR Extension: (The Gansberg Clock) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhecpmapflhhdpcnpedpcaabolnapcae [2013-05-15]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2014-04-16]
CHR Extension: (BehindTheOverlay) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljipkdpcjbmhkdjjmbbaggebcednbbme [2016-10-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-07]
CHR Extension: (Google Maps) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-18]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2017-08-15]
CHR Extension: (Spelunky HTML5) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhagnkphcmpkmabhocgimoncfaihkpof [2015-05-29]
CHR Extension: (Google Drawings) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2015-09-26]
CHR Extension: (Google Play Books) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2016-04-22]
CHR Extension: (QR Code Generator) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\nanmadekhdoofgmhichkcjlgiofmofbl [2013-02-11]
CHR Extension: (PDF Merge - PDF Files Merger) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndolbcaghkmhjhgggldkgjibdilpbdbm [2017-10-04]
CHR Extension: (OneDrive) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2015-08-18]
CHR Extension: (Save to Pocket) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Scientific Calculator) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoipmeppdioagbkigdlnpmjphnolaog [2017-08-31]
CHR Extension: (Weather Underground) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2015-05-12]
CHR Extension: (Gmail) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-28]
CHR Extension: (Cool Metronome) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\polmfiinlikaadclgdojekfaoglellgm [2015-12-24]
CHR Profile: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-01-14]
CHR HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-13] (Adobe Systems) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [36680 2017-08-07] (Box, Inc.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe [71512 2017-07-31] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3059440 2017-07-18] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-28] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2017-10-03] (Dropbox, Inc.)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-02-24] (Foxit Software Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-10-15] (Futuremark)
R2 GManager; C:\Windows\system32\GManager.exe [313432 2012-08-28] ()
R2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
R2 MlPatch; C:\WINDOWS\system32\MlPatch.exe [2244912 2014-08-22] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-11] (Realtek Semiconductor)
U2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-06-03] (Microsoft Corporation)
S2 DigitalWave.Update.Service; "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2017-01-27] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-11] (Samsung Electronics Co., Ltd.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-05] (Glarysoft Ltd)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-10-12] (Malwarebytes)
R3 mctkmd; C:\WINDOWS\system32\drivers\mctkmd64.sys [172752 2016-02-03] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\WINDOWS\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
R1 MpKsl9c8c92a3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{84CCD30E-420D-4C18-A888-00299F654723}\MpKsl9c8c92a3.sys [58120 2017-10-12] (Microsoft Corporation)
S1 MpKsld4969ecd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{84CCD30E-420D-4C18-A888-00299F654723}\MpKsld4969ecd.sys [58120 2017-10-11] () [File not signed]
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-07-18] (Razer, Inc.)
S3 SaiH0461; C:\WINDOWS\system32\DRIVERS\SaiH0461.sys [178432 2017-06-22] (Saitek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-11] (Samsung Electronics Co., Ltd.)
R3 t1pusb64; C:\WINDOWS\system32\drivers\t1pusb64.sys [156424 2016-04-08] (Magic Control Technology Corp.)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 aswMBR; C:\Users\Ryan Nakai\AppData\Local\Temp\aswMBR.sys [62728 2017-10-12] () [File not signed] <==== ATTENTION
U3 aswVmm; C:\Users\Ryan Nakai\AppData\Local\Temp\aswVmm.sys [224896 2017-10-12] () <==== ATTENTION
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-12 17:22 - 2017-10-12 17:22 - 000040135 _____ C:\Users\Ryan Nakai\Desktop\FRST.txt
2017-10-12 17:20 - 2017-10-12 17:20 - 000000564 _____ C:\Users\Ryan Nakai\Desktop\aswMBR.txt
2017-10-12 16:24 - 2017-10-12 16:24 - 000000000 ____D C:\FRST
2017-10-12 16:21 - 2017-10-12 17:00 - 005198336 _____ (AVAST Software) C:\Users\Ryan Nakai\Desktop\aswMBR.exe
2017-10-12 16:19 - 2017-10-12 16:24 - 002401792 _____ (Farbar) C:\Users\Ryan Nakai\Desktop\FRST64.exe
2017-10-12 12:36 - 2017-10-12 12:36 - 000000000 ___HD C:\OneDriveTemp
2017-10-12 12:24 - 2017-10-12 12:24 - 000016148 _____ C:\WINDOWS\system32\LICORICE-PC_Ryan Nakai_HistoryPrediction.bin
2017-10-12 11:53 - 2017-10-12 11:53 - 000388608 _____ (Trend Micro Inc.) C:\Users\Ryan Nakai\Desktop\HijackThis.exe
2017-10-12 11:48 - 2017-10-12 11:48 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-10-12 11:44 - 2017-10-12 11:44 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-10-12 11:44 - 2017-10-12 11:44 - 000001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-10-12 11:44 - 2017-10-12 11:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-10-12 11:43 - 2017-10-12 11:45 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-10-12 11:43 - 2017-10-12 11:44 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-10-12 11:43 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2017-10-12 11:39 - 2017-10-12 11:43 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\Ryan Nakai\Downloads\spybotsd-2.6.46.exe
2017-10-12 11:30 - 2017-10-12 11:33 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2017-10-12 11:30 - 2017-10-12 11:30 - 000000000 ____D C:\ProgramData\SUPERSetup
2017-10-12 11:30 - 2017-10-12 11:30 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-10-12 11:30 - 2017-10-12 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-10-12 11:28 - 2017-10-12 11:28 - 000425304 _____ (Secure By Design Inc.) C:\Users\Ryan Nakai\Downloads\Ninite SUPERAntiSpyware Installer.exe
2017-10-12 11:04 - 2017-10-12 11:04 - 000001171 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2017-10-11 19:05 - 2017-10-11 19:05 - 006614768 _____ C:\Users\Ryan Nakai\Downloads\1507765328.orange-peel_pkmrescue_fla.swf
2017-10-10 11:59 - 2017-10-10 11:59 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-07 20:08 - 2017-10-07 20:08 - 003924286 _____ C:\Users\Ryan Nakai\Downloads\1507366426474.webm
2017-10-07 18:36 - 2017-10-07 19:08 - 000000000 ____D C:\Users\Ryan Nakai\Desktop\New folder
2017-10-06 21:25 - 2017-10-07 01:55 - 1647968256 _____ C:\Users\Ryan Nakai\Desktop\linuxmint-18.2-xfce-64bit.iso
2017-10-05 23:34 - 2017-10-05 23:34 - 000136375 _____ C:\Users\Ryan Nakai\Downloads\Lesson 4 - Ethics Scenarios 1.pdf
2017-10-04 15:22 - 2017-10-04 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-03 04:21 - 2017-10-03 04:21 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-10-03 04:21 - 2017-10-03 04:21 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-10-03 04:21 - 2017-10-03 04:21 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-10-03 04:21 - 2017-10-03 04:21 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-09-29 16:06 - 2017-09-29 16:06 - 000360466 _____ C:\Users\Ryan Nakai\Downloads\1445763477.siroc_mm_son_wip1.swf
2017-09-29 11:41 - 2017-09-29 11:42 - 007026214 _____ C:\Users\Ryan Nakai\Downloads\1506706468.orange-peel_zapdos_special_versiond.swf
2017-09-28 23:06 - 2017-09-28 23:06 - 000001362 _____ C:\Users\Ryan Nakai\Desktop\CnD Chicken
2017-09-28 15:24 - 2017-09-28 15:24 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2017-09-26 12:56 - 2017-09-26 12:57 - 000000000 ____D C:\Users\Ryan Nakai\Downloads\Madoka pnm
2017-09-23 16:36 - 2017-09-23 16:38 - 006635333 _____ C:\Users\Ryan Nakai\Downloads\2a62ecfd585bc41749d2e094219295af.swf
2017-09-23 10:54 - 2017-09-23 10:54 - 000675939 _____ C:\Users\Ryan Nakai\Downloads\1852459 - Cutepet Sailor_Moon Usagi_Tsukino.jpeg
2017-09-22 16:56 - 2017-09-22 16:56 - 000234842 _____ C:\Users\Ryan Nakai\Downloads\make-model-scatter-dot-blue-green-reversible-strapless-bandeau-bra-product-2-3047491-643272225.jpeg
2017-09-22 16:55 - 2017-09-22 16:55 - 000256691 _____ C:\Users\Ryan Nakai\Downloads\make-model-rainbow-check-lilac-sheer-reversible-strapless-bandeau-bra-product-2-4299888-174110365.jpeg
2017-09-20 16:34 - 2017-09-20 16:35 - 022214921 _____ C:\Users\Ryan Nakai\Downloads\Ghost.swf
2017-09-18 16:55 - 2017-09-18 16:55 - 001937674 _____ C:\Users\Ryan Nakai\Downloads\DD_CA10Df.swf
2017-09-18 16:55 - 2017-09-18 16:55 - 001883481 _____ C:\Users\Ryan Nakai\Downloads\DD_BA1Df.swf
2017-09-18 16:52 - 2017-09-18 16:53 - 007635217 _____ C:\Users\Ryan Nakai\Downloads\DD_AA10Df_S.swf
2017-09-16 20:30 - 2017-09-16 20:30 - 000240334 _____ C:\Users\Ryan Nakai\Downloads\1505205833.diives_lopunny_ball_nsfw_released_swf.swf
2017-09-16 11:10 - 2017-09-16 11:12 - 008812312 _____ C:\Users\Ryan Nakai\Downloads\2031073_Pherion_patreon360p.swf
2017-09-14 23:33 - 2017-09-14 23:33 - 000057790 _____ C:\Users\Ryan Nakai\Downloads\How to Read a Recipe by Alton Brown.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-12 16:47 - 2015-12-28 20:01 - 000000940 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-10-12 12:36 - 2014-11-28 17:14 - 000000000 ___RD C:\Users\Ryan Nakai\OneDrive
2017-10-12 12:32 - 2014-11-04 12:30 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2017-10-12 12:30 - 2015-08-02 22:42 - 001005662 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-12 12:30 - 2015-07-10 05:02 - 000000000 ____D C:\WINDOWS\INF
2017-10-12 12:28 - 2013-02-14 17:16 - 000000000 ___RD C:\Users\Ryan Nakai\Google Drive
2017-10-12 12:28 - 2013-02-13 22:37 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-12 12:24 - 2015-12-28 20:01 - 000000936 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-10-12 12:24 - 2013-08-06 15:54 - 000002802 _____ C:\WINDOWS\system32\GManager.ini
2017-10-12 12:23 - 2015-07-10 06:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-12 11:11 - 2017-01-26 22:58 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-10-12 11:04 - 2014-11-04 12:30 - 000003398 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2017-10-12 11:04 - 2014-11-04 12:30 - 000003044 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2017-10-12 11:04 - 2014-11-04 12:30 - 000001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2017-10-11 23:25 - 2015-07-10 05:04 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-11 23:25 - 2015-07-10 05:04 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-11 18:22 - 2017-06-30 12:18 - 000000809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2017-10-11 18:22 - 2017-06-30 12:18 - 000000797 _____ C:\Users\Ryan Nakai\Desktop\Windows 10 Update Assistant.lnk
2017-10-11 18:22 - 2016-09-30 12:50 - 000000000 ____D C:\Windows10Upgrade
2017-10-10 20:19 - 2013-02-11 19:52 - 000000000 ____D C:\Users\Ryan Nakai\AppData\Roaming\vlc
2017-10-10 18:41 - 2013-02-12 23:08 - 000000000 ____D C:\Users\Ryan Nakai\AppData\Roaming\XnView
2017-10-10 15:28 - 2016-09-30 12:52 - 000000000 ___HD C:\$GetCurrent
2017-10-10 15:28 - 2013-02-11 17:05 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2017-10-10 15:28 - 2013-02-11 17:05 - 000001908 _____ C:\WINDOWS\diagerr.xml
2017-10-10 15:27 - 2017-06-30 17:47 - 000000036 _____ C:\WINDOWS\progress.ini
2017-10-10 15:22 - 2015-08-02 23:08 - 000000430 __RSH C:\Users\Ryan Nakai\ntuser.pol
2017-10-10 15:22 - 2015-08-02 22:43 - 000000000 ____D C:\Users\Ryan Nakai
2017-10-10 15:22 - 2013-02-13 19:56 - 000000400 __RSH C:\ProgramData\ntuser.pol
2017-10-10 12:23 - 2016-10-21 22:12 - 000004554 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-10 12:23 - 2015-07-10 05:04 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-10 12:23 - 2015-07-10 05:04 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-10 12:06 - 2013-08-14 22:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-10 11:59 - 2013-02-12 13:04 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-06 16:55 - 2013-08-15 16:38 - 000000000 ____D C:\Users\Ryan Nakai\AbiSuite
2017-10-06 16:28 - 2015-07-10 03:05 - 000131072 ___SH C:\WINDOWS\system32\config\BBI
2017-10-05 19:42 - 2017-07-20 22:45 - 000000000 ____D C:\Program Files\rempl
2017-10-05 13:33 - 2016-11-24 17:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-05 13:33 - 2013-02-14 20:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-04 15:23 - 2015-12-28 20:01 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-09-26 15:39 - 2013-02-11 18:54 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-20 22:45 - 2016-12-23 11:57 - 000000000 ____D C:\Users\Ryan Nakai\AppData\LocalLow\Mozilla
2017-09-20 11:20 - 2015-07-10 05:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-20 11:19 - 2014-11-28 16:14 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-09-20 11:05 - 2015-07-10 05:04 - 000000000 ____D C:\WINDOWS\rescache
2017-09-19 12:46 - 2017-07-24 21:29 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3813752901-3998910076-3428625962-1001
2017-09-19 12:46 - 2015-08-02 23:17 - 000002423 _____ C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-16 10:16 - 2013-02-14 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
==================== Files in the root of some directories =======
2015-08-16 00:59 - 2015-08-16 00:59 - 000000000 _____ () C:\Program Files\Microsoft Security Client
2015-08-22 01:27 - 2015-08-22 01:27 - 000000000 _____ () C:\Program Files (x86)\ATI Technologies
2015-08-16 00:59 - 2015-08-16 00:59 - 000000000 _____ () C:\Program Files (x86)\Common Files\AMD
2013-03-08 23:04 - 2013-04-16 23:19 - 000096418 _____ () C:\Users\Ryan Nakai\AppData\Roaming\Logs
2013-04-01 13:37 - 2013-04-01 13:37 - 000109298 _____ (Microsoft Corporation) C:\Users\Ryan Nakai\AppData\Roaming\MSWINSCK.OCX
2005-04-07 20:16 - 2013-03-09 01:48 - 000005200 ____H () C:\Users\Ryan Nakai\AppData\Roaming\Ryan Nakailog.dat
2016-05-30 19:55 - 2016-05-30 19:55 - 000000218 _____ () C:\Users\Ryan Nakai\AppData\Local\recently-used.xbel
2013-05-17 22:42 - 2013-05-17 22:42 - 000000017 _____ () C:\Users\Ryan Nakai\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
2017-08-02 09:12 - 2017-08-02 09:12 - 001786128 _____ (Microsoft Corporation) C:\Users\Ryan Nakai\AppData\Local\Temp\mpam-224de45.exe
2017-09-25 19:49 - 2017-09-25 19:54 - 018624784 _____ (Microsoft Corporation) C:\Users\Ryan Nakai\AppData\Local\Temp\mpam-9ad71ab3.exe
2017-07-21 20:26 - 2017-09-24 14:21 - 006457520 _____ (Microsoft Corporation) C:\Users\Ryan Nakai\AppData\Local\Temp\Windows10Upgrade.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
__
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2017
Ran by Ryan Nakai (12-10-2017 17:26:41)
Running from C:\Users\Ryan Nakai\Desktop
Windows 10 Pro 170602-2340 (X64) (2015-08-03 05:08:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3813752901-3998910076-3428625962-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3813752901-3998910076-3428625962-503 - Limited - Disabled)
Guest (S-1-5-21-3813752901-3998910076-3428625962-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3813752901-3998910076-3428625962-1004 - Limited - Enabled)
Ryan Nakai (S-1-5-21-3813752901-3998910076-3428625962-1001 - Administrator - Enabled) => C:\Users\Ryan Nakai
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
8-Bit Bayonetta (HKLM\...\Steam App 567090) (Version: - PlatinumGames, Bitbaboon)
AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.159 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.159 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
AlphaSmart AlphaBeam 3.2 (HKLM-x32\...\AlphaSmart AlphaBeam 3.2) (Version: - )
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audacity 2.1.3 (HKLM-x32\...\AudacityŽ_is1) (Version: 2.1.3 - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer)
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
BIT.TRIP BEAT (HKLM-x32\...\Steam App 63700) (Version: - Gaijin Games)
Box Sync (HKLM\...\{0653E263-C86D-44AB-AE83-25407370FCE1}) (Version: 4.0.7848.0 - Box, Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
Chipamp (HKLM-x32\...\Chipamp) (Version: 1.0 - OverClocked ReMix)
Chrome Remote Desktop Host (HKLM-x32\...\{BAD014C7-DB71-474A-AC68-F06FAE17A949}) (Version: 61.0.3163.20 - Google Inc.)
Contraption Maker (HKLM-x32\...\Steam App 241240) (Version: - Spotkin)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 36.4.22 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version: - 3D Realms)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
DVDFab 9.1.8.8 (13/02/2015) (HKLM-x32\...\DVDFab 9 US_is1) (Version: - Fengtao Software Inc.)
EDGE (HKLM-x32\...\Steam App 38740) (Version: - Two Tribes)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Eversion (HKLM-x32\...\Steam App 33680) (Version: - Zaratustra Productions)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - )
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FocusWriter (HKLM-x32\...\FocusWriter) (Version: 1.5.7 - Graeme Gott)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.2.1.6871 - Foxit Software Inc.)
Free FLV to MP4 Converter 1.0.28 (HKLM-x32\...\{B00D1F02-C556-48eb-9DC2-32C778B71CE2}_is1) (Version: 1.0.28 - free-videoconverter)
Futuremark SystemInfo (HKLM-x32\...\{B8E78E04-6020-4CD2-BEAB-7BB6E9EF75C3}) (Version: 4.22.211 - Futuremark)
Glary Utilities 5.85 (HKLM-x32\...\Glary Utilities 5) (Version: 5.85.0.106 - Glarysoft Ltd)
Google Chrome (HKLM\...\{C1FECBCE-6D6B-3040-A62C-A205863357F6}) (Version: 61.0.3163.100 - Google, Inc.)
Google Drive (HKLM-x32\...\{F9A2761E-C1E4-4384-92A3-5732C9738327}) (Version: 2.34.6717.9565 - Google, Inc.)
Google Photos Backup (HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Ikaruga (HKLM\...\Steam App 253750) (Version: - Treasure)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
Inkscape 0.92.1 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.92 - inkscape.org)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
KB4023057 (HKLM\...\{0C050BEE-16BE-4998-8959-2A421433DB6E}) (Version: 2.5.0.0 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LibreOffice 5.3.1.2 (HKLM\...\{9A2A4317-64E9-4631-997A-F2C4F8A512C7}) (Version: 5.3.1.2 - The Document Foundation)
MakeMKV v1.10.7 (HKLM-x32\...\MakeMKV) (Version: v1.10.7 - GuinpinSoft inc)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4963.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mighty Switch Force! Hose It Down! (HKLM-x32\...\Steam App 375310) (Version: - WayForward)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mozilla Thunderbird 52.2.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.2.1 (x86 en-US)) (Version: 52.2.1 - Mozilla)
Music Manager (HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\MusicManager) (Version: - Google, Inc.)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
My Game Long Name (HKLM\...\UDK-9c727eda-b1c8-4d60-a336-76dd5b849c08) (Version: - Epic Games, Inc.)
Noitu Love 2 Devolution (HKLM-x32\...\Steam App 207530) (Version: - Joakim Sandberg)
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4963.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4963.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4963.1002 - Microsoft Corporation) Hidden
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version: - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version: - Mine Loader Software Co., Ltd.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
PDFBinder (HKLM-x32\...\{8BA03AC2-579F-41CD-A250-740137D86F7A}) (Version: 1.0.0 - Malamute.dk)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.1 - pdfforge GmbH)
Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version: - PopCap Games, Inc.)
Peggle Extreme (HKLM-x32\...\Steam App 3483) (Version: - PopCap Games, Inc.)
Peggle Nights (HKLM-x32\...\Steam App 3540) (Version: - PopCap Games, Inc.)
Pepakura Designer 4 (HKLM-x32\...\pepakura_designer4en) (Version: - TamaSoftware)
Pink Heaven (HKLM-x32\...\Steam App 409690) (Version: - Studio Pixel)
Pink Hour (HKLM-x32\...\Steam App 409670) (Version: - Studio Pixel)
PNotes.NET 3.0.1.5 (HKLM-x32\...\{02384F4C-1820-49E9-9D03-81F27EEE1224}_is1) (Version: 3.0.1.5 - Andrey Gruber)
Princess Remedy in a World of Hurt (HKLM\...\Steam App 407900) (Version: - Ludosity)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Race The Sun (HKLM-x32\...\Steam App 253030) (Version: - Flippfly LLC)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.721 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Respondus LockDown Browser (HKLM-x32\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.)
Respondus LockDown Browser 2 (HKLM-x32\...\{BBC7F69B-7A94-41E9-8A4B-B55A8D06431F}) (Version: 2.00.0000 - Respondus)
Retro Game Crunch (HKLM-x32\...\Steam App 290040) (Version: - Rusty Moyher)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Should I Remove It (HKLM-x32\...\{4E62123C-4C0D-4123-A8A2-C0103B92D7EA}) (Version: 1.0.4 - Reason Software Company Inc.) Hidden
Should I Remove It (HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Skullgirls (HKLM-x32\...\Steam App 245170) (Version: - Lab Zero Games)
Skullgirls ∞Endless Beta∞ (HKLM-x32\...\Steam App 208610) (Version: - )
Sonic Adventure 2 (HKLM-x32\...\Steam App 213610) (Version: - SEGA)
Spelunky (HKLM-x32\...\Steam App 239350) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version: - sparsevector)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version: - Terry Cavanagh)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
The Typing of The Dead: Overkill (HKLM-x32\...\Steam App 246580) (Version: - Modern Dream)
TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
Trigger External Graphics Family 16.02.0315.0179 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 16.02.0315.0179 - MCT Corp)
Undertale (HKLM-x32\...\Steam App 391540) (Version: - tobyfox)
Unity Web Player (HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
UpdateAssistant (HKLM-x32\...\{DE45508F-369E-4476-8F19-088F4933340E}) (Version: 1.8.0.0 - Microsoft Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Wizorb (HKLM-x32\...\Steam App 207420) (Version: - Tribute Games)
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.29.2\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ BoxSyncFileLocked] -> {2a607da5-abe8-358e-a881-c0f5faf2d3a5} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncFileLockedByOther] -> {f7d2951f-0b6b-346c-99ec-69cffc30a364} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncNotSynced] -> {5ea95e3d-3e46-3812-b03c-49785fa67d41} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncProblem] -> {a88b7184-bfa1-3d14-8efb-2225df9699bc} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncSynced] -> {c89f9943-8f58-3eca-bd55-a658f53b2f48} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [BoxContextMenuClient] -> {4a9f9d0f-60bd-3164-a67d-4f811da1eea0} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-02-15] (Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2011-10-26] ()
ContextMenuHandlers1: [TeraCopyS64] -> {A764EEF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2011-10-26] ()
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2011-10-26] ()
ContextMenuHandlers2: [TeraCopyS64] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2011-10-26] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [BoxContextMenuClient] -> {4a9f9d0f-60bd-3164-a67d-4f811da1eea0} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2011-10-26] ()
ContextMenuHandlers4: [TeraCopyS64] -> {A764EEF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2011-10-26] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2011-10-26] ()
ContextMenuHandlers5: [TeraCopyS64] -> {A764EEF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2011-10-26] ()
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-02-15] (Foxit Software Inc.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2011-10-26] ()
ContextMenuHandlers6: [TeraCopyS64] -> {A764EEF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2011-10-26] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0332F065-457A-4893-918B-6C91CC2A059F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3813752901-3998910076-3428625962-1001Core => C:\Users\Ryan Nakai\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0DEE3FC5-3B3B-4231-9369-527159273B67} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {126F54CE-0361-4AB8-A13F-F1B72A673C97} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1293E7C4-D091-4650-9E2A-2D4A3F0E7B72} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {166B1A52-8BC0-497C-A2CD-F2101F098CF1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16830EC9-CA72-44AB-8564-AC78EDEF1A14} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-28] (Dropbox, Inc.)
Task: {1B53C0D6-6C50-47D3-8B42-8AC93E65F75F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2799B9E9-12D3-4F71-A23D-15D51EBB365C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2AC6A0AA-BED4-4351-8D95-3B2D924B1C4B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {318D4469-1F62-4553-913D-6E3840E17E41} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {32E4AFD2-0316-4A76-BE1D-4057A7C87A03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {37B49C50-3BE9-4D10-8077-FB043A549AD6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW
Task: {43E6EBC5-14EC-413D-B797-62A2979D587D} - System32\Tasks\{04831F74-BB9F-4417-B60D-8864EEFCFC35} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Ryan Nakai\AppData\Local\Temp\7zS803E.tmp\MicroInstallerNative.exe" -d C:\Users\RYANNA~1\AppData\Local\Temp\7zS803E.tmp <==== ATTENTION
Task: {45D32615-401F-4B39-A10E-2E85D1057902} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {4A739648-42BF-46D1-BD94-57DA880DA904} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {4E2A253D-A292-4285-8ABB-1D01EC2861A6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {52933F8A-FA64-4805-90B0-E9E91FDD91CD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {77FE407B-9CB5-4CEE-B8DB-2E784D4715E1} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2017-09-27] (Glarysoft Ltd)
Task: {78DD1C88-AC1F-4F7C-80F0-3EBFB1A6C760} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {792FC510-D96A-4EAC-96BC-735F2AF06891} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {7FD49B8C-4534-46E4-803E-691A78B40027} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {81D62FF8-BDB8-4B69-8B0C-AFB8C615080A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {84702869-6FA9-4A4D-ADBD-86067BB1E036} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8F4C3A2F-D807-437E-BAA4-10DF9721ED47} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: {903783B0-942F-44A6-87D2-1D8FB86F894F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_159_pepper.exe [2017-10-10] (Adobe Systems Incorporated)
Task: {93442E65-DBEC-44A9-A05E-57CA228722CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {9C374FB4-2472-476C-861F-85F0B3B2F514} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9CE8A4DC-6488-411F-8CCA-1C8616A94E7F} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2017-09-27] (Glarysoft Ltd)
Task: {A02ABF5F-5951-480D-95A8-9BCEAB05EE27} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4129062-7BB3-4F94-88A5-3FB69D7AC940} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A7EA203E-B53D-4870-8344-D0A761E9E441} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {ADB0D469-C39D-417C-B284-A856780422DC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B15F9FC0-AFA4-438D-8226-50352A24F36D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B1A83C33-A256-42B2-AB09-484BEE26FA72} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B4616533-F011-4B5B-97DC-9A089B4E081A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {BFC7F104-DCC1-4F32-9985-ED1D40749943} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C1C9C14A-394B-409C-B7F1-2AFA729DD1E8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {C77F73F6-A8A8-4B33-8690-04CF7870F28E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CD65B18E-3993-4CF0-8F0A-38C63937B50B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {D0292CC7-8EAC-49B4-981A-4191BB8F69AD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D1D43B61-A0FB-4164-B1D3-47DFB685FDAA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D7CE1568-7EE5-4B8A-90B1-56200FD4EC54} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3813752901-3998910076-3428625962-1001UA => C:\Users\Ryan Nakai\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D84D8721-8355-4147-A846-092C7EA55B4F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-28] (Dropbox, Inc.)
Task: {DC80A298-7590-4501-BF10-EBC5255EE6E5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DFD08C1B-6618-4CBF-8391-1D3AC94DA9A1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E56F21B5-C230-449C-B57D-B17C3C029513} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5BBDF34-B300-4077-A9DA-F87CA56EC14F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ECDE8BB0-EBC2-4B62-ACC7-446A5AD90E14} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F577CB80-ADC2-4DF2-BFA0-88211234FBFE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FAECCE5E-B814-400D-AB6B-CB495613FCF0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-10] (Adobe Systems Incorporated)
Task: {FCAED403-2419-4D81-81D8-6B792FCD1027} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FE36B75F-9F93-422B-9876-A128BD10DD43} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_npoipmeppdioagbkigdlnpmjphnolaog\Scientific Calculator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=npoipmeppdioagbkigdlnpmjphnolaog
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nffchahhjecejoiigmnhhicpoabngedk\OneDrive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nffchahhjecejoiigmnhhicpoabngedk
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_mkaakpdehdafacodkgkpghoibnmamcme\Google Drawings.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mkaakpdehdafacodkgkpghoibnmamcme
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_mhagnkphcmpkmabhocgimoncfaihkpof\Spelunky HTML5.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mhagnkphcmpkmabhocgimoncfaihkpof
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_liglcienpnkhdajdfmnpbgmpjglonipe\Numerics Calculator & Converter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=liglcienpnkhdajdfmnpbgmpjglonipe
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_lhecpmapflhhdpcnpedpcaabolnapcae\The Gansberg Clock.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lhecpmapflhhdpcnpedpcaabolnapcae
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_joodangkbfjnajiiifokapkpmhfnpleo\Calculator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=joodangkbfjnajiiifokapkpmhfnpleo
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hoihofapbdnldlhecnhefifbcddgdkhm\Clock.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hoihofapbdnldlhecnhefifbcddgdkhm
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hmjkmjkepdijhoojdojkdfohbdgmmhki\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_felcaaldnbdncclmgdcncolpebgiejap\Sheets.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=felcaaldnbdncclmgdcncolpebgiejap
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_ejjicmeblgpmajnghnpcppodonldlgfn\Google Calendar.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ejjicmeblgpmajnghnpcppodonldlgfn
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_edebbhkhcaafmolanelponjjanocpacd\Timer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=edebbhkhcaafmolanelponjjanocpacd
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_decmldkknaaemlafplkkdmmmelbdnlja\Calculator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=decmldkknaaemlafplkkdmmmelbdnlja
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cbfcckmhbpkjgfcnbgfmdodnlokimjdc\HTML5 Analog Clock.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cbfcckmhbpkjgfcnbgfmdodnlokimjdc
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_blpebaehgfgkcmmjjknibibbjacnplim\Solitaire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=blpebaehgfgkcmmjjknibibbjacnplim
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_blpcfgokakmgnkcojhhkbfbldkacnbeo\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=blpcfgokakmgnkcojhhkbfbldkacnbeo
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_bhdheahnajobgndecdbggfmcojekgdko\Desmos Graphing Calculator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=bhdheahnajobgndecdbggfmcojekgdko
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_aohghmighlieiainnegkcijnfilokake\Docs.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=aohghmighlieiainnegkcijnfilokake
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_agbmjhlgdihdaebioelepgldgojpkjag\Just Type.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=agbmjhlgdihdaebioelepgldgojpkjag
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_aapocclcgogkmnckokdopfmhonfmgoek\Slides.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=aapocclcgogkmnckokdopfmhonfmgoek
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\AudioRecorder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=enhfkjkjfhhdibpgjmiamdcdgmcjpplk
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Calculator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=joodangkbfjnajiiifokapkpmhfnpleo
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Calendar Clock.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=galgfocamdohgeifjlbefkfpaalankfi
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\GPemu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=jhficiigpnhhaojldmanflihieepanbb
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Just Type.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=agbmjhlgdihdaebioelepgldgojpkjag
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Polarr Photo Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=djonnbgfieijldcieafgjcnhmpcfpmgg
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Spelunky HTML5.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mhagnkphcmpkmabhocgimoncfaihkpof
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Type Case.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=afgojplakjihkbpjdemlbedkkgpbojeg
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=joodangkbfjnajiiifokapkpmhfnpleo
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Type Case.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=afgojplakjihkbpjdemlbedkkgpbojeg
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\fd4d8e7501576f3f\Pushbullet.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=chlffgpmiacpedhhbkiomidkjlcfhogd
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\66b9b787e09fde9f\History Eraser.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gjieilkfnnjoihjjonajndjldjoagffm
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\34707bd4e0c9d2b9\Clock.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hoihofapbdnldlhecnhefifbcddgdkhm
==================== Loaded Modules (Whitelisted) ==============
2015-07-10 05:00 - 2015-07-10 05:00 - 000028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-03 00:31 - 2015-08-03 00:31 - 000032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-11-04 16:43 - 2015-11-04 16:43 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-11-17 19:49 - 2016-10-25 01:15 - 000404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-11-28 16:14 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-08-02 23:24 - 2012-08-28 14:20 - 000313432 _____ () C:\Windows\system32\GManager.exe
2013-08-06 15:54 - 2011-05-03 18:13 - 000199296 _____ () C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
2015-08-02 23:24 - 2014-08-22 17:10 - 002244912 _____ () C:\WINDOWS\system32\MlPatch.exe
2017-07-19 16:09 - 2017-07-19 16:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-06-14 12:09 - 2017-06-03 07:39 - 002495776 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-07 17:13 - 2017-08-07 17:13 - 000126792 _____ () C:\Program Files\Box\Box Sync\_ctypes.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 001488200 _____ () C:\Program Files\Box\Box Sync\_hashlib.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000056648 _____ () C:\Program Files\Box\Box Sync\_socket.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 002106696 _____ () C:\Program Files\Box\Box Sync\_ssl.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000136520 _____ () C:\Program Files\Box\Box Sync\win32api.pyd
2017-08-07 17:09 - 2017-08-07 17:09 - 000143688 _____ () C:\Program Files\Box\Box Sync\pywintypes27.dll
2017-08-07 17:09 - 2017-08-07 17:09 - 000554824 _____ () C:\Program Files\Box\Box Sync\pythoncom27.dll
2017-08-07 17:08 - 2017-08-07 17:08 - 000063304 _____ () C:\Program Files\Box\Box Sync\psutil._psutil_windows.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000698184 _____ () C:\Program Files\Box\Box Sync\unicodedata.pyd
2017-08-07 17:02 - 2017-08-07 17:02 - 000009544 _____ () C:\Program Files\Box\Box Sync\clr.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000033096 _____ () C:\Program Files\Box\Box Sync\ujson.pyd
2017-08-07 17:09 - 2017-08-07 17:09 - 000017736 _____ () C:\Program Files\Box\Box Sync\select.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000187208 _____ () C:\Program Files\Box\Box Sync\_elementtree.pyd
2017-08-07 17:08 - 2017-08-07 17:08 - 000185672 _____ () C:\Program Files\Box\Box Sync\pyexpat.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000528200 _____ () C:\Program Files\Box\Box Sync\win32com.shell.shell.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000029000 _____ () C:\Program Files\Box\Box Sync\win32event.pyd
2017-08-07 17:11 - 2017-08-07 17:11 - 000155976 _____ () C:\Program Files\Box\Box Sync\win32file.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000069960 _____ () C:\Program Files\Box\Box Sync\_sqlite3.pyd
2017-08-07 17:11 - 2017-08-07 17:11 - 000142152 _____ () C:\Program Files\Box\Box Sync\win32security.pyd
2017-08-07 17:11 - 2017-08-07 17:11 - 000051016 _____ () C:\Program Files\Box\Box Sync\win32process.pyd
2017-08-07 17:12 - 2017-08-07 17:12 - 000059720 _____ () C:\Program Files\Box\Box Sync\win32service.pyd
2017-08-07 17:14 - 2017-08-07 17:14 - 000032072 _____ () C:\Program Files\Box\Box Sync\_yappi.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000040776 _____ () C:\Program Files\Box\Box Sync\_multiprocessing.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000027464 _____ () C:\Program Files\Box\Box Sync\win32clipboard.pyd
2017-08-07 17:11 - 2017-08-07 17:11 - 000229704 _____ () C:\Program Files\Box\Box Sync\win32gui.pyd
2017-03-22 09:44 - 2017-01-31 06:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2017-09-26 15:39 - 2017-09-21 01:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-26 15:39 - 2017-09-21 01:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-08-07 16:59 - 2017-08-07 16:59 - 000166216 _____ () C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
2013-02-25 19:57 - 2011-10-26 18:41 - 000126464 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2013-02-25 19:57 - 2011-10-26 18:41 - 000318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2015-09-30 20:00 - 2015-09-16 23:48 - 000429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2017-05-10 09:12 - 2017-04-27 17:44 - 006569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-02 18:08 - 2016-11-19 00:06 - 000471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-10 09:13 - 2017-04-27 17:42 - 001808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 20:00 - 2015-09-16 23:43 - 002274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-10-12 11:43 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-10-12 11:43 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-10-12 11:43 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-10-12 11:43 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-02-01 18:01 - 2016-02-01 18:01 - 000117248 _____ () C:\Users\Ryan Nakai\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2016-02-01 18:00 - 2016-02-01 18:00 - 000234496 _____ () C:\Users\Ryan Nakai\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2016-02-01 18:00 - 2016-02-01 18:00 - 000253440 _____ () C:\Users\Ryan Nakai\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2016-02-01 17:59 - 2016-02-01 17:59 - 000344064 _____ () C:\Users\Ryan Nakai\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-03-12 17:10 - 2017-09-09 13:25 - 000688416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 18:14 - 2016-08-31 19:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-21 16:49 - 2017-10-11 13:10 - 002546976 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-28 16:45 - 2016-01-27 01:49 - 002549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 16:45 - 2016-01-27 01:49 - 000491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 16:45 - 2016-01-27 01:49 - 000332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-28 16:45 - 2016-01-27 01:49 - 000442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 16:45 - 2016-01-27 01:49 - 000485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-19 18:14 - 2016-08-31 19:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 18:14 - 2016-08-31 19:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2013-02-13 22:41 - 2017-10-11 13:10 - 000901408 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-09-11 09:06 - 2014-09-11 09:06 - 000878592 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll
2014-09-11 09:05 - 2014-09-11 09:05 - 000036352 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
2014-09-11 09:06 - 2014-09-11 09:06 - 000038912 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
2014-09-11 09:14 - 2014-09-11 09:14 - 000032256 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qdds.dll
2014-09-11 09:05 - 2014-09-11 09:05 - 000021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll
2014-09-11 09:14 - 2014-09-11 09:14 - 000027648 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll
2014-09-11 09:05 - 2014-09-11 09:05 - 000021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll
2014-09-11 09:14 - 2014-09-11 09:14 - 000381952 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjp2.dll
2014-09-11 09:05 - 2014-09-11 09:05 - 000204800 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll
2014-09-11 09:14 - 2014-09-11 09:14 - 000218112 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll
2014-09-11 09:08 - 2014-09-11 09:08 - 000015872 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll
2014-09-11 09:14 - 2014-09-11 09:14 - 000015360 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll
2014-09-11 09:15 - 2014-09-11 09:15 - 000307712 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll
2014-09-11 09:15 - 2014-09-11 09:15 - 000014848 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll
2014-09-11 09:15 - 2014-09-11 09:15 - 000252928 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll
2016-04-08 16:35 - 2016-04-08 16:35 - 003481600 _____ () C:\Users\Ryan Nakai\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
2017-06-22 20:56 - 2017-06-22 20:56 - 000325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2017-01-16 05:40 - 2017-01-16 05:40 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-10-04 15:22 - 2017-10-03 04:21 - 000771904 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-10-04 15:22 - 2017-10-03 04:21 - 001804608 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-09-21 12:54 - 2017-10-03 04:21 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-01-23 17:26 - 2017-10-03 04:21 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-01-23 17:26 - 2017-10-03 04:22 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-01-23 17:26 - 2017-10-03 04:21 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-10-04 15:22 - 2017-10-03 04:21 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-10-04 15:22 - 2017-10-03 04:21 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-01-23 17:26 - 2017-10-03 04:21 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-01-23 17:26 - 2017-10-03 04:21 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-10-04 15:22 - 2017-10-03 04:21 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-04-26 15:53 - 2017-10-03 04:21 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-10-04 15:22 - 2017-10-03 04:21 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-01-23 17:26 - 2017-10-03 04:22 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-01-23 17:26 - 2017-10-03 04:21 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-04-26 15:53 - 2017-10-03 04:21 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-04-26 15:53 - 2017-10-03 04:21 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-01-23 17:26 - 2017-10-03 04:21 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-01-23 17:26 - 2017-10-03 04:21 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000154440 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000045888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000101184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-10-04 15:22 - 2017-10-03 04:21 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-10-04 15:22 - 2017-10-03 04:22 - 000032600 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-10-04 15:22 - 2017-10-03 04:21 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-10-04 15:22 - 2017-10-03 04:22 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-09-21 12:54 - 2017-10-03 04:22 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2017-10-04 15:22 - 2017-10-03 04:22 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-10-12 12:25 - 2017-10-12 12:25 - 000098816 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32api.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000110080 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\pywintypes27.dll
2017-10-12 12:25 - 2017-10-12 12:25 - 000364544 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\pythoncom27.dll
2017-10-12 12:25 - 2017-10-12 12:25 - 000320512 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32com.shell.shell.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000914432 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_hashlib.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 001176576 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._core_.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000806400 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._gdi_.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000816128 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._windows_.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 001067008 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._controls_.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000733184 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._misc_.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000682496 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\pysqlite2._sqlite.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000088064 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_ctypes.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000686080 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\unicodedata.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000119808 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32file.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000108544 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32security.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000007168 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\hashobjs_ext.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000017920 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\thumbnails_ext.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000088064 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\usb_ext.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000012800 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\common.time34.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000018432 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32event.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000167936 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32gui.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000046080 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_socket.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 001303552 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_ssl.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000128512 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_elementtree.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000127488 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\pyexpat.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000038912 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32inet.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000036864 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_psutil_windows.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000525208 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\windows._lib_cacheinvalidation.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000011264 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32crypt.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000123392 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._wizard.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000077312 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._html2.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000027648 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_multiprocessing.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000020480 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_yappi.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000035840 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32process.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000078848 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._animate.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000024064 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32pipe.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000010240 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\select.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000025600 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32pdh.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000017408 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32profile.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000022528 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32ts.pyd
2016-12-17 10:55 - 2017-08-16 16:28 - 073130272 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-09 19:54 - 2017-09-06 20:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2015-01-19 18:14 - 2015-09-24 17:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2017-09-27 21:31 - 2017-09-27 21:31 - 000087024 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2009-06-10 15:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\Control Panel\Desktop\\Wallpaper -> c:\users\ryan nakai\documents\r-stuff\wallpapers 1.2.5\patterns and textures\c3634531b40b2b97b30653324691b1b1.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{99123B69-F55B-406C-962C-AF31D8366049}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{9AD84985-A221-4F83-9CEE-DB09ACF1E65F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{2ECDD4B2-26F7-4789-B671-6A457B78B2BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{189741C3-8FF9-4480-86E0-82B4E7089D65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{A29268A0-6729-4674-B2E0-B568F6E9645E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4F710B0D-0431-4EC6-A337-8010E5D3E56E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A57DAC2B-8EB0-48C1-8FCA-ED3FC310B1F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Retro Game Crunch\Retro Game Crunch.exe
FirewallRules: [{52BAEA47-F1A2-4C00-9D7D-77458EBF8D7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Retro Game Crunch\Retro Game Crunch.exe
FirewallRules: [{C18176B6-9B10-4EB1-9E97-C46F4CCF5105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{BBF6A2AB-122D-4CE4-937A-0CD481F14D54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{724A6F02-5017-44EC-A990-A3439C8EBD83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Peggle Nights\PeggleNights.exe
FirewallRules: [{EFB856F5-EDC7-4373-B2B9-A4173A3BFCFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Peggle Nights\PeggleNights.exe
FirewallRules: [{A65AC39F-9C68-4352-958C-777D4B3DFE1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{0560329D-E6D1-4B52-BF37-3C14A369593F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{6760F5BF-5C7E-47BA-A907-9FEFAA0D0BCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ContraptionMaker\ContraptionMaker.exe
FirewallRules: [{C5E6108E-72BB-4752-B586-69EC1667BB4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ContraptionMaker\ContraptionMaker.exe
FirewallRules: [{B8B2B5CA-A167-468D-8A1D-91D2F11EFC08}] => (Allow) C:\Users\Ryan Nakai\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{E19FFD3E-E80A-49C0-B793-FE467F2267DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{5AE08678-D30F-4ECE-9426-A2296E5A0FEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [UDP Query User{AA789855-7BBB-4AFD-A2B6-6ABF2FD47785}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [TCP Query User{BEEDA220-8B3B-4C8A-A29E-C19939DE08BA}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{286C7A8E-D56A-448F-A195-065B2FB8F707}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Peggle Extreme\PeggleExtreme.exe
FirewallRules: [{E75F5F04-1F85-4FCE-A76E-5B4C283D32F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Peggle Extreme\PeggleExtreme.exe
FirewallRules: [{86FD8C81-8BEA-410B-B4DC-FD2757997F52}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{40F7757A-2DEF-4D52-9031-C700A34D59F4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5FFDCCBB-B476-4EDD-AF84-5630DE8751BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{C4AD3EBF-8D6A-474B-86DC-B2D07C8D584B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{B351822B-F375-47DE-BCF9-678CE5352010}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe
FirewallRules: [{8F560E9A-B375-40D2-8A64-E6C2FA2FC3B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe
FirewallRules: [{535B2FF9-B77F-4182-BB32-D51BEF366A5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{7ABE7E2A-D900-4FE9-A346-F6D4219A8102}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{E194399D-1B32-4E24-8A24-FC05BC1CBD3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wizorb\Wizorb.exe
FirewallRules: [{FE7E0F51-4B28-4BAF-BDF9-2671B76AC616}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wizorb\Wizorb.exe
FirewallRules: [{6AA883B7-3088-4C39-AB73-4321F4C8F919}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{57EBDD86-C9C4-469D-A88A-210A707849BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{4C680D68-347B-4B37-BD5B-7BB645D90347}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [{97309324-6947-449E-AC98-23EDC67219CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [{CC549FF4-CAB0-4C60-9FD7-A9C182B877C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eversion\eversion.exe
FirewallRules: [{8A3D4E50-6C9E-40A5-875C-22912BAA1F36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eversion\eversion.exe
FirewallRules: [{927AB254-936B-4130-829B-8E62C7857553}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PCMark 8\bin\PCMark8.exe
FirewallRules: [{2D24B087-A798-4709-8A1E-93DF39FFD071}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PCMark 8\bin\PCMark8.exe
FirewallRules: [{E9A82DC3-1E6E-4DAA-BA71-3223136F0886}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9DF46346-0F19-48BC-9046-7DB61F783506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{27B15300-214F-4A5C-AC09-16BCD13BAF5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{AC776B45-91CC-476C-B6D7-BEC20AF324E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{43068E02-7408-4379-9BFF-D8F2EBDE2429}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{8CA70194-C4D4-4C42-A800-48893F67C8C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{582DD20C-4D3E-4F38-9365-9967B9D16D18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{4535524C-3A31-46AA-A3CE-AD53F73C803E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{2BF3973E-F7C1-4224-9048-5BD22C63F6E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{5F9265D6-B5F9-4F1E-A94C-4DC4EBAEABA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{A80CDC9B-46D9-4C46-8CB8-0E9BF18217F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{659A457D-B34E-44BC-BEE7-373C840E2EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{13C61C1C-C131-4933-A0FC-5392553D8923}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{9F41614C-97FE-43B7-87E6-FAFA5551D06D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{AD068A6B-0FC7-46F2-B5CC-75DBD70043EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{7C5A37C4-CBFF-4DDA-A9E4-DFAB858ECC7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{989FD6DD-7D5C-4C81-BFEC-03F3FDE422D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{5AA5B594-7431-4816-93D7-7C0173C3ED38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{AC62340A-E2C0-43B4-A3C5-E6DE446539D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{EB742BDF-4193-4F9B-8288-8879321CEFAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{E268A297-792E-4A45-A294-937CE256F0F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{FAAD0623-3C55-4C05-993A-35045D86C1CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{8DC6B44B-5B6E-429C-B4B5-FD9725A606A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{89AB3886-7C29-40EB-9B75-95DB221826DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{A4F95AF1-BD0B-439A-818F-95933B2DB033}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{0F8092E9-8448-4545-AFB5-A22DE37F2D66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{2089D6C5-0A8E-41AE-B8F4-5AC4CCE827F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{325F518C-350D-4ECB-A38B-E5961D6FE54A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{815E1353-28FC-421E-8754-FAD917101FFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{C6D12C77-FD1E-4C9C-BF6C-D44482DD1FB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A949B850-94B2-46CF-895D-98BF244413BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BIT.TRIP BEAT\BEAT.exe
FirewallRules: [{347CB3EF-C616-43F9-93AE-3EFED032A711}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BIT.TRIP BEAT\BEAT.exe
FirewallRules: [{5DB713F0-91EA-4521-95B1-EE91B5F69314}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Noitu Love 2 Devolution\config.exe
FirewallRules: [{4090BC91-451A-464B-8B5A-D2AF4F1ED706}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Noitu Love 2 Devolution\config.exe
FirewallRules: [{25D7770C-58C6-4FAB-9D4B-D41B89671838}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Noitu Love 2 Devolution\nl2.exe
FirewallRules: [{8D5EE0ED-FC06-4501-891A-AC139B730022}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Noitu Love 2 Devolution\nl2.exe
FirewallRules: [UDP Query User{CE0471B1-4D26-45B2-B91C-25CB59C707E9}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{465DA2B4-F6F9-41AB-8C23-87944EC85DF4}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{50ED50AC-FF34-491E-BAEF-91217E08D068}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{171515DD-28E9-4B99-9755-BA53F812B272}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{76A0A0BB-C9C7-4D10-96B2-EA4595B85A5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{4F098576-07ED-44A6-B939-49F47679E786}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{B45C6EB1-EFDA-47C8-832D-BCEE1FE77757}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{00704251-EB0C-414B-A3F9-34540B6F8972}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{980CD676-C83B-471C-9EDF-A0DCF5244F3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{E07C2FDB-57CA-4E8F-8584-83F4F42D9F9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{7C89DBCD-DBD1-4A51-A50C-80C2BF9972CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{CC59B608-4699-4BCC-BE35-4967B93B78EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{01FC424C-01B0-4A5C-8DBB-B4A33A30B4CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Typing of the Dead Overkill\HOTD_NG.exe
FirewallRules: [{E5F80EF9-A088-4251-83A9-2F78DCCEC5E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Typing of the Dead Overkill\HOTD_NG.exe
FirewallRules: [{1629A8D2-469F-4141-8894-E832B7B57264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EDGE\edge.exe
FirewallRules: [{67C71B49-3D11-41CB-800E-5BCA794BAEC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EDGE\edge.exe
FirewallRules: [UDP Query User{5D8F56BB-74C8-42DA-8A06-6137E5A06CE2}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [TCP Query User{40483D28-5B8D-4250-B353-B7DEFE574304}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [{5F81ECB0-F187-416F-B563-88138D421B4A}] => (Allow) LPort=1900
FirewallRules: [{BAA9C1CF-0A0D-40EA-8E38-53AB51939343}] => (Allow) LPort=2869
FirewallRules: [{B7D1920E-03D9-45B2-8EE3-433472236E36}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6EAB3C87-F5E1-4667-A63C-FBFA0EAA4977}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Adventure 2\Launcher.exe
FirewallRules: [{EF1B7469-2F83-4986-B1F4-B3BAC7812C0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Adventure 2\Launcher.exe
FirewallRules: [UDP Query User{77A9F624-1464-4ECF-ABB0-FA07BB8D46C3}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{D5E491AA-92FB-483C-82E6-339702729A32}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{F60247A5-5E88-4609-BD10-CEBF55D02D4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{74A65BB6-3117-43B2-B7D0-0987B6BFB544}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [UDP Query User{6E3A34B7-C8A4-488C-A7BC-CC8872D98894}C:\users\ryan nakai\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ryan nakai\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{815E741A-F708-4C19-A985-D58FFF5082C8}C:\users\ryan nakai\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ryan nakai\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A28138A5-BD8D-40F3-8738-320B0AF6C90B}C:\program files (x86)\makemkv\makemkvcon64.exe] => (Allow) C:\program files (x86)\makemkv\makemkvcon64.exe
FirewallRules: [TCP Query User{BD6FDF31-D9AF-4F6A-8839-2EB72FE2C13D}C:\program files (x86)\makemkv\makemkvcon64.exe] => (Allow) C:\program files (x86)\makemkv\makemkvcon64.exe
FirewallRules: [{1E5CFEFD-1361-4FC1-88C3-C72340D70E39}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E8027A51-98E3-4531-BD1E-21EABE99C48B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{1B1EA51D-E185-4757-B68F-058ED4088110}J:\portableapps\lanmessengerportable\app\lanmessenger\lmc.exe] => (Allow) J:\portableapps\lanmessengerportable\app\lanmessenger\lmc.exe
FirewallRules: [TCP Query User{2F836463-65AF-4437-BB31-1BC741343282}J:\portableapps\lanmessengerportable\app\lanmessenger\lmc.exe] => (Allow) J:\portableapps\lanmessengerportable\app\lanmessenger\lmc.exe
FirewallRules: [{241A381E-BB20-4782-9FBF-21B3BCC7146C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{9842E21D-4A30-494D-AD0F-39D677FB65F4}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{BE0A011F-A2FB-4192-91EB-2E7DD86902A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{1DE85618-A800-4734-8EF7-ACAF4B6CB4D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{99962BDC-C549-4562-BC0D-B0828F1AD21C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pink Heaven\PinkHeaven.exe
FirewallRules: [{F5DA0CA8-CB54-4214-8268-D0F4E44DA08E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pink Heaven\PinkHeaven.exe
FirewallRules: [{C4F36EBD-17D5-458B-A874-3EF18608A60D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pink Hour\PinkHour.exe
FirewallRules: [{CE8F7008-F9D4-4521-9CD1-8EF92844FB9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pink Hour\PinkHour.exe
FirewallRules: [{90D274C6-DBC5-4EDD-8AAB-A0520063A980}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DE2C0E49-86DB-4C3E-97D3-B4CA88F7B484}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AD64A23B-1A2E-4992-B340-30C89E246593}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mighty Switch Force! Hose It Down!\HoseItDown.exe
FirewallRules: [{7C0CA58B-8C11-4537-8AFC-4423D220433B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mighty Switch Force! Hose It Down!\HoseItDown.exe
FirewallRules: [{83E0EC28-DFE3-4B41-B3BE-6277D2627E2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm7.exe
FirewallRules: [{581626F8-FD6A-4503-AA49-507CA4EF59EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm7.exe
FirewallRules: [{09E0B2C6-62F7-4423-A32C-8066B657DA85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm5.exe
FirewallRules: [{E8EE5830-455D-463D-BFF6-19FE1AD7CEF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm5.exe
FirewallRules: [{437F58D2-121D-4161-A672-562C5B3C60AB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B534FD21-433E-44E7-B638-A4DEF76F0B9E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{427066B3-A4BC-4524-B212-ABD2B7CD4211}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitB\8BB.exe
FirewallRules: [{17F357CE-6E1C-4645-810D-2D1F0370FA90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitB\8BB.exe
FirewallRules: [TCP Query User{4D90F1E0-4031-4C81-8912-62CA25AD038B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{3DA30484-194E-4837-86A2-2552DE50D1CE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{7DFC39AD-56BC-4055-9E6F-80FB0AD7CED8}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe
FirewallRules: [{FF4B6C72-5AB8-4DD2-837D-B89E922F89F6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F1319CB0-04AF-47B4-ADC2-2D5178E4570B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{02C518C1-39FB-40E6-8DFA-DE51830F6857}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{C1D19D5D-3948-4EAB-A997-B32A53A0D755}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
__
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2017-10-12 17:00:12
-----------------------------
17:00:12.159 OS Version: Windows x64 6.2.9200
17:00:12.159 Number of processors: 6 586 0xA00
17:00:12.160 ComputerName: LICORICE-PC UserName: Ryan Nakai
17:00:17.319 Initialize success
17:00:17.381 VM: initialized successfully
17:00:17.385 VM: Amd CPU BiosDisabled
17:10:38.783 AVAST engine defs: 17030301
17:20:14.632 The log file has been saved successfully to "C:\Users\Ryan Nakai\Desktop\aswMBR.txt"
any help will be most appreciated.
Here is the logs.
___
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2017
Ran by Ryan Nakai (administrator) on LICORICE-PC (12-10-2017 17:22:44)
Running from C:\Users\Ryan Nakai\Desktop
Loaded Profiles: Ryan Nakai (Available Profiles: Ryan Nakai & DefaultAppPool)
Platform: Windows 10 Pro 170602-2340 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Windows\System32\GManager.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
() C:\Windows\System32\mlpatch.exe
(Foxit Software Inc.) C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Magic Control Technology Corporation) C:\Program Files (x86)\Common Files\DesktopUtil\MCTDUtil.exe
(Magic Control Technology Corporation) C:\Program Files (x86)\Common Files\DesktopUtil\FDispPos.exe
(Magic Control Technology Corporation) C:\Program Files (x86)\MCT Corp\UVTP100\Driver\TUCCDUTIL\TUCCD.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Google Inc.) C:\Users\Ryan Nakai\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(Google, Inc) C:\Users\Ryan Nakai\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MCTDUtil] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [FDispPos] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [TUCCDUtil] => C:\Program Files (x86)\MCT Corp\UVTP100\Driver\TUCCDUTIL\TUCCD.exe [1895120 2016-02-19] (Magic Control Technology Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5088872 2017-08-07] (Box, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-07-21] (Razer Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-10-03] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [Google Update] => C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [MusicManager] => C:\Users\Ryan Nakai\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7643136 2016-02-01] (Google Inc.)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3101984 2017-10-11] (Valve Corporation)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25622168 2017-08-31] (Google)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2017-09-27] (Glarysoft Ltd)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [Google Photos Backup] => C:\Users\Ryan Nakai\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Run: [GoogleChromeAutoLaunch_01263A5253C555C4A9D4CAD3ADB95ECB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\RunOnce: [Uninstall C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ryan Nakai\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\MountPoints2: {69802939-7361-11e5-9bcc-d48564b6502e} - "I:\VerizonSWUpgradeAssistantLauncher.exe"
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-02-13]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-09-22]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{69b9a6f4-8ea2-49ce-9859-b593bb2652a7}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-08-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-08-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-09-19] (DVDVideoSoft Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-10-29] (DVDVideoSoft Ltd.)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default [2017-10-08]
FF user.js: detected! => C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\user.js [2014-11-04]
FF Extension: (Click&Clean) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\clickclean@hotcleaner.com [2016-05-01]
FF Extension: (Pocket) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\isreaditlater@ideashower.com [2015-05-30]
FF Extension: (NoScript) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-09-28]
FF Extension: (WOT) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2017-09-28]
FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-01-13] [not signed]
FF Extension: (Video DownloadHelper) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-06-04]
FF Extension: (Adblock Plus) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-11]
FF Extension: (DownThemAll!) - C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-01]
FF SearchPlugin: C:\Users\Ryan Nakai\AppData\Roaming\Mozilla\Firefox\Profiles\7fsthnf9.default\searchplugins\youtube-video-search.xml [2013-05-21]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_159.dll [2017-10-10] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_159.dll [2017-10-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-02-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-02-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-02-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-02-28] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3813752901-3998910076-3428625962-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3813752901-3998910076-3428625962-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3813752901-3998910076-3428625962-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ryan Nakai\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-24] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "chrome://apps/"
CHR NewTab: Default -> Active:"chrome-extension://dbfmnekepjoapopniengjbcpnbljalfg/index.html"
CHR Profile: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default [2017-10-12]
CHR Extension: (Slides) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Type Case) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgojplakjihkbpjdemlbedkkgpbojeg [2016-12-17]
CHR Extension: (Just Type) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbmjhlgdihdaebioelepgldgojpkjag [2014-07-19]
CHR Extension: (Docs) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Desmos Graphing Calculator) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhdheahnajobgndecdbggfmcojekgdko [2014-04-16]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-07-12]
CHR Extension: (YouTube) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Solitaire) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim [2016-12-16]
CHR Extension: (Honey) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-10-10]
CHR Extension: (eBay) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2014-04-09]
CHR Extension: (HTML5 Analog Clock) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbfcckmhbpkjgfcnbgfmdodnlokimjdc [2014-05-11]
CHR Extension: (Adblock Plus) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-28]
CHR Extension: (Pushbullet) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2017-10-09]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2016-06-02]
CHR Extension: (Google Search) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Infinity New Tab) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbfmnekepjoapopniengjbcpnbljalfg [2017-09-06]
CHR Extension: (Calculator) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\decmldkknaaemlafplkkdmmmelbdnlja [2017-09-27]
CHR Extension: (Polarr Photo Editor) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2017-06-18]
CHR Extension: (Timer) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2013-05-20]
CHR Extension: (Google Calendar) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (Box) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2015-04-29]
CHR Extension: (AudioRecorder) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\enhfkjkjfhhdibpgjmiamdcdgmcjpplk [2015-10-05]
CHR Extension: (Google Play Music) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2017-09-28]
CHR Extension: (Sheets) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Play Movies) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\fppdphmgcddhjeddoeghpjefkdlccljb [2013-02-16]
CHR Extension: (Calendar Clock) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\galgfocamdohgeifjlbefkfpaalankfi [2016-07-22]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-08-23]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2017-10-09]
CHR Extension: (Digital Clock) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2013-05-15]
CHR Extension: (Google Docs Offline) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-16]
CHR Extension: (Planetarium) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2015-08-07]
CHR Extension: (AdBlock) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-04]
CHR Extension: (History Eraser) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2017-09-24]
CHR Extension: (Google Keep - notes and lists) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-10-11]
CHR Extension: (Clock) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoihofapbdnldlhecnhefifbcddgdkhm [2014-05-11]
CHR Extension: (Crackle) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2015-09-09]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-07-18]
CHR Extension: (Google Play Music) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-07]
CHR Extension: (The Weather Channel for Chrome) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2013-02-11]
CHR Extension: (1-click-timer) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\igloknlllonknnbkfgggfkigmeegmakf [2017-03-05]
CHR Extension: (Dropbox) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-06-30]
CHR Extension: (Voice to Text) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcdafhjjjfnkoeilnjmnadadaoehgdc [2017-08-04]
CHR Extension: (Matthew Bauer) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhficiigpnhhaojldmanflihieepanbb [2016-01-05]
CHR Extension: (Pocket Website) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap [2013-07-19]
CHR Extension: (History Eraser App) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjolhjmdgbhebcdnfjhngobjggghoipa [2016-07-15]
CHR Extension: (Calculator) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\joodangkbfjnajiiifokapkpmhfnpleo [2016-05-17]
CHR Extension: (Google Play) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-02-11]
CHR Extension: (The Gansberg Clock) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhecpmapflhhdpcnpedpcaabolnapcae [2013-05-15]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2014-04-16]
CHR Extension: (BehindTheOverlay) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljipkdpcjbmhkdjjmbbaggebcednbbme [2016-10-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-07]
CHR Extension: (Google Maps) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-18]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2017-08-15]
CHR Extension: (Spelunky HTML5) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhagnkphcmpkmabhocgimoncfaihkpof [2015-05-29]
CHR Extension: (Google Drawings) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2015-09-26]
CHR Extension: (Google Play Books) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2016-04-22]
CHR Extension: (QR Code Generator) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\nanmadekhdoofgmhichkcjlgiofmofbl [2013-02-11]
CHR Extension: (PDF Merge - PDF Files Merger) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndolbcaghkmhjhgggldkgjibdilpbdbm [2017-10-04]
CHR Extension: (OneDrive) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2015-08-18]
CHR Extension: (Save to Pocket) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Scientific Calculator) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoipmeppdioagbkigdlnpmjphnolaog [2017-08-31]
CHR Extension: (Weather Underground) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2015-05-12]
CHR Extension: (Gmail) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-28]
CHR Extension: (Cool Metronome) - C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Extensions\polmfiinlikaadclgdojekfaoglellgm [2015-12-24]
CHR Profile: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-01-14]
CHR HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-13] (Adobe Systems) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [36680 2017-08-07] (Box, Inc.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe [71512 2017-07-31] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3059440 2017-07-18] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-28] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51016 2017-10-03] (Dropbox, Inc.)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-02-24] (Foxit Software Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-10-15] (Futuremark)
R2 GManager; C:\Windows\system32\GManager.exe [313432 2012-08-28] ()
R2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
R2 MlPatch; C:\WINDOWS\system32\MlPatch.exe [2244912 2014-08-22] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-11] (Realtek Semiconductor)
U2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-06-03] (Microsoft Corporation)
S2 DigitalWave.Update.Service; "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2017-01-27] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-11] (Samsung Electronics Co., Ltd.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-05] (Glarysoft Ltd)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-10-12] (Malwarebytes)
R3 mctkmd; C:\WINDOWS\system32\drivers\mctkmd64.sys [172752 2016-02-03] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\WINDOWS\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
R1 MpKsl9c8c92a3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{84CCD30E-420D-4C18-A888-00299F654723}\MpKsl9c8c92a3.sys [58120 2017-10-12] (Microsoft Corporation)
S1 MpKsld4969ecd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{84CCD30E-420D-4C18-A888-00299F654723}\MpKsld4969ecd.sys [58120 2017-10-11] () [File not signed]
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-07-18] (Razer, Inc.)
S3 SaiH0461; C:\WINDOWS\system32\DRIVERS\SaiH0461.sys [178432 2017-06-22] (Saitek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-11] (Samsung Electronics Co., Ltd.)
R3 t1pusb64; C:\WINDOWS\system32\drivers\t1pusb64.sys [156424 2016-04-08] (Magic Control Technology Corp.)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 aswMBR; C:\Users\Ryan Nakai\AppData\Local\Temp\aswMBR.sys [62728 2017-10-12] () [File not signed] <==== ATTENTION
U3 aswVmm; C:\Users\Ryan Nakai\AppData\Local\Temp\aswVmm.sys [224896 2017-10-12] () <==== ATTENTION
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-12 17:22 - 2017-10-12 17:22 - 000040135 _____ C:\Users\Ryan Nakai\Desktop\FRST.txt
2017-10-12 17:20 - 2017-10-12 17:20 - 000000564 _____ C:\Users\Ryan Nakai\Desktop\aswMBR.txt
2017-10-12 16:24 - 2017-10-12 16:24 - 000000000 ____D C:\FRST
2017-10-12 16:21 - 2017-10-12 17:00 - 005198336 _____ (AVAST Software) C:\Users\Ryan Nakai\Desktop\aswMBR.exe
2017-10-12 16:19 - 2017-10-12 16:24 - 002401792 _____ (Farbar) C:\Users\Ryan Nakai\Desktop\FRST64.exe
2017-10-12 12:36 - 2017-10-12 12:36 - 000000000 ___HD C:\OneDriveTemp
2017-10-12 12:24 - 2017-10-12 12:24 - 000016148 _____ C:\WINDOWS\system32\LICORICE-PC_Ryan Nakai_HistoryPrediction.bin
2017-10-12 11:53 - 2017-10-12 11:53 - 000388608 _____ (Trend Micro Inc.) C:\Users\Ryan Nakai\Desktop\HijackThis.exe
2017-10-12 11:48 - 2017-10-12 11:48 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-10-12 11:44 - 2017-10-12 11:44 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-10-12 11:44 - 2017-10-12 11:44 - 000001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-10-12 11:44 - 2017-10-12 11:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-10-12 11:43 - 2017-10-12 11:45 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-10-12 11:43 - 2017-10-12 11:44 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-10-12 11:43 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2017-10-12 11:39 - 2017-10-12 11:43 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\Ryan Nakai\Downloads\spybotsd-2.6.46.exe
2017-10-12 11:30 - 2017-10-12 11:33 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2017-10-12 11:30 - 2017-10-12 11:30 - 000000000 ____D C:\ProgramData\SUPERSetup
2017-10-12 11:30 - 2017-10-12 11:30 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-10-12 11:30 - 2017-10-12 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-10-12 11:28 - 2017-10-12 11:28 - 000425304 _____ (Secure By Design Inc.) C:\Users\Ryan Nakai\Downloads\Ninite SUPERAntiSpyware Installer.exe
2017-10-12 11:04 - 2017-10-12 11:04 - 000001171 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2017-10-11 19:05 - 2017-10-11 19:05 - 006614768 _____ C:\Users\Ryan Nakai\Downloads\1507765328.orange-peel_pkmrescue_fla.swf
2017-10-10 11:59 - 2017-10-10 11:59 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-07 20:08 - 2017-10-07 20:08 - 003924286 _____ C:\Users\Ryan Nakai\Downloads\1507366426474.webm
2017-10-07 18:36 - 2017-10-07 19:08 - 000000000 ____D C:\Users\Ryan Nakai\Desktop\New folder
2017-10-06 21:25 - 2017-10-07 01:55 - 1647968256 _____ C:\Users\Ryan Nakai\Desktop\linuxmint-18.2-xfce-64bit.iso
2017-10-05 23:34 - 2017-10-05 23:34 - 000136375 _____ C:\Users\Ryan Nakai\Downloads\Lesson 4 - Ethics Scenarios 1.pdf
2017-10-04 15:22 - 2017-10-04 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-03 04:21 - 2017-10-03 04:21 - 000051016 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-10-03 04:21 - 2017-10-03 04:21 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-10-03 04:21 - 2017-10-03 04:21 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-10-03 04:21 - 2017-10-03 04:21 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-09-29 16:06 - 2017-09-29 16:06 - 000360466 _____ C:\Users\Ryan Nakai\Downloads\1445763477.siroc_mm_son_wip1.swf
2017-09-29 11:41 - 2017-09-29 11:42 - 007026214 _____ C:\Users\Ryan Nakai\Downloads\1506706468.orange-peel_zapdos_special_versiond.swf
2017-09-28 23:06 - 2017-09-28 23:06 - 000001362 _____ C:\Users\Ryan Nakai\Desktop\CnD Chicken
2017-09-28 15:24 - 2017-09-28 15:24 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2017-09-26 12:56 - 2017-09-26 12:57 - 000000000 ____D C:\Users\Ryan Nakai\Downloads\Madoka pnm
2017-09-23 16:36 - 2017-09-23 16:38 - 006635333 _____ C:\Users\Ryan Nakai\Downloads\2a62ecfd585bc41749d2e094219295af.swf
2017-09-23 10:54 - 2017-09-23 10:54 - 000675939 _____ C:\Users\Ryan Nakai\Downloads\1852459 - Cutepet Sailor_Moon Usagi_Tsukino.jpeg
2017-09-22 16:56 - 2017-09-22 16:56 - 000234842 _____ C:\Users\Ryan Nakai\Downloads\make-model-scatter-dot-blue-green-reversible-strapless-bandeau-bra-product-2-3047491-643272225.jpeg
2017-09-22 16:55 - 2017-09-22 16:55 - 000256691 _____ C:\Users\Ryan Nakai\Downloads\make-model-rainbow-check-lilac-sheer-reversible-strapless-bandeau-bra-product-2-4299888-174110365.jpeg
2017-09-20 16:34 - 2017-09-20 16:35 - 022214921 _____ C:\Users\Ryan Nakai\Downloads\Ghost.swf
2017-09-18 16:55 - 2017-09-18 16:55 - 001937674 _____ C:\Users\Ryan Nakai\Downloads\DD_CA10Df.swf
2017-09-18 16:55 - 2017-09-18 16:55 - 001883481 _____ C:\Users\Ryan Nakai\Downloads\DD_BA1Df.swf
2017-09-18 16:52 - 2017-09-18 16:53 - 007635217 _____ C:\Users\Ryan Nakai\Downloads\DD_AA10Df_S.swf
2017-09-16 20:30 - 2017-09-16 20:30 - 000240334 _____ C:\Users\Ryan Nakai\Downloads\1505205833.diives_lopunny_ball_nsfw_released_swf.swf
2017-09-16 11:10 - 2017-09-16 11:12 - 008812312 _____ C:\Users\Ryan Nakai\Downloads\2031073_Pherion_patreon360p.swf
2017-09-14 23:33 - 2017-09-14 23:33 - 000057790 _____ C:\Users\Ryan Nakai\Downloads\How to Read a Recipe by Alton Brown.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-12 16:47 - 2015-12-28 20:01 - 000000940 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-10-12 12:36 - 2014-11-28 17:14 - 000000000 ___RD C:\Users\Ryan Nakai\OneDrive
2017-10-12 12:32 - 2014-11-04 12:30 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2017-10-12 12:30 - 2015-08-02 22:42 - 001005662 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-12 12:30 - 2015-07-10 05:02 - 000000000 ____D C:\WINDOWS\INF
2017-10-12 12:28 - 2013-02-14 17:16 - 000000000 ___RD C:\Users\Ryan Nakai\Google Drive
2017-10-12 12:28 - 2013-02-13 22:37 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-12 12:24 - 2015-12-28 20:01 - 000000936 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-10-12 12:24 - 2013-08-06 15:54 - 000002802 _____ C:\WINDOWS\system32\GManager.ini
2017-10-12 12:23 - 2015-07-10 06:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-12 11:11 - 2017-01-26 22:58 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-10-12 11:04 - 2014-11-04 12:30 - 000003398 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2017-10-12 11:04 - 2014-11-04 12:30 - 000003044 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2017-10-12 11:04 - 2014-11-04 12:30 - 000001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2017-10-11 23:25 - 2015-07-10 05:04 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-11 23:25 - 2015-07-10 05:04 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-11 18:22 - 2017-06-30 12:18 - 000000809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2017-10-11 18:22 - 2017-06-30 12:18 - 000000797 _____ C:\Users\Ryan Nakai\Desktop\Windows 10 Update Assistant.lnk
2017-10-11 18:22 - 2016-09-30 12:50 - 000000000 ____D C:\Windows10Upgrade
2017-10-10 20:19 - 2013-02-11 19:52 - 000000000 ____D C:\Users\Ryan Nakai\AppData\Roaming\vlc
2017-10-10 18:41 - 2013-02-12 23:08 - 000000000 ____D C:\Users\Ryan Nakai\AppData\Roaming\XnView
2017-10-10 15:28 - 2016-09-30 12:52 - 000000000 ___HD C:\$GetCurrent
2017-10-10 15:28 - 2013-02-11 17:05 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2017-10-10 15:28 - 2013-02-11 17:05 - 000001908 _____ C:\WINDOWS\diagerr.xml
2017-10-10 15:27 - 2017-06-30 17:47 - 000000036 _____ C:\WINDOWS\progress.ini
2017-10-10 15:22 - 2015-08-02 23:08 - 000000430 __RSH C:\Users\Ryan Nakai\ntuser.pol
2017-10-10 15:22 - 2015-08-02 22:43 - 000000000 ____D C:\Users\Ryan Nakai
2017-10-10 15:22 - 2013-02-13 19:56 - 000000400 __RSH C:\ProgramData\ntuser.pol
2017-10-10 12:23 - 2016-10-21 22:12 - 000004554 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-10 12:23 - 2015-07-10 05:04 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-10 12:23 - 2015-07-10 05:04 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-10 12:06 - 2013-08-14 22:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-10 11:59 - 2013-02-12 13:04 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-06 16:55 - 2013-08-15 16:38 - 000000000 ____D C:\Users\Ryan Nakai\AbiSuite
2017-10-06 16:28 - 2015-07-10 03:05 - 000131072 ___SH C:\WINDOWS\system32\config\BBI
2017-10-05 19:42 - 2017-07-20 22:45 - 000000000 ____D C:\Program Files\rempl
2017-10-05 13:33 - 2016-11-24 17:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-05 13:33 - 2013-02-14 20:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-04 15:23 - 2015-12-28 20:01 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-09-26 15:39 - 2013-02-11 18:54 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-20 22:45 - 2016-12-23 11:57 - 000000000 ____D C:\Users\Ryan Nakai\AppData\LocalLow\Mozilla
2017-09-20 11:20 - 2015-07-10 05:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-20 11:19 - 2014-11-28 16:14 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-09-20 11:05 - 2015-07-10 05:04 - 000000000 ____D C:\WINDOWS\rescache
2017-09-19 12:46 - 2017-07-24 21:29 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3813752901-3998910076-3428625962-1001
2017-09-19 12:46 - 2015-08-02 23:17 - 000002423 _____ C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-16 10:16 - 2013-02-14 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
==================== Files in the root of some directories =======
2015-08-16 00:59 - 2015-08-16 00:59 - 000000000 _____ () C:\Program Files\Microsoft Security Client
2015-08-22 01:27 - 2015-08-22 01:27 - 000000000 _____ () C:\Program Files (x86)\ATI Technologies
2015-08-16 00:59 - 2015-08-16 00:59 - 000000000 _____ () C:\Program Files (x86)\Common Files\AMD
2013-03-08 23:04 - 2013-04-16 23:19 - 000096418 _____ () C:\Users\Ryan Nakai\AppData\Roaming\Logs
2013-04-01 13:37 - 2013-04-01 13:37 - 000109298 _____ (Microsoft Corporation) C:\Users\Ryan Nakai\AppData\Roaming\MSWINSCK.OCX
2005-04-07 20:16 - 2013-03-09 01:48 - 000005200 ____H () C:\Users\Ryan Nakai\AppData\Roaming\Ryan Nakailog.dat
2016-05-30 19:55 - 2016-05-30 19:55 - 000000218 _____ () C:\Users\Ryan Nakai\AppData\Local\recently-used.xbel
2013-05-17 22:42 - 2013-05-17 22:42 - 000000017 _____ () C:\Users\Ryan Nakai\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
2017-08-02 09:12 - 2017-08-02 09:12 - 001786128 _____ (Microsoft Corporation) C:\Users\Ryan Nakai\AppData\Local\Temp\mpam-224de45.exe
2017-09-25 19:49 - 2017-09-25 19:54 - 018624784 _____ (Microsoft Corporation) C:\Users\Ryan Nakai\AppData\Local\Temp\mpam-9ad71ab3.exe
2017-07-21 20:26 - 2017-09-24 14:21 - 006457520 _____ (Microsoft Corporation) C:\Users\Ryan Nakai\AppData\Local\Temp\Windows10Upgrade.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
__
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2017
Ran by Ryan Nakai (12-10-2017 17:26:41)
Running from C:\Users\Ryan Nakai\Desktop
Windows 10 Pro 170602-2340 (X64) (2015-08-03 05:08:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3813752901-3998910076-3428625962-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3813752901-3998910076-3428625962-503 - Limited - Disabled)
Guest (S-1-5-21-3813752901-3998910076-3428625962-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3813752901-3998910076-3428625962-1004 - Limited - Enabled)
Ryan Nakai (S-1-5-21-3813752901-3998910076-3428625962-1001 - Administrator - Enabled) => C:\Users\Ryan Nakai
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
8-Bit Bayonetta (HKLM\...\Steam App 567090) (Version: - PlatinumGames, Bitbaboon)
AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.159 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.159 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
AlphaSmart AlphaBeam 3.2 (HKLM-x32\...\AlphaSmart AlphaBeam 3.2) (Version: - )
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audacity 2.1.3 (HKLM-x32\...\AudacityŽ_is1) (Version: 2.1.3 - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer)
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
BIT.TRIP BEAT (HKLM-x32\...\Steam App 63700) (Version: - Gaijin Games)
Box Sync (HKLM\...\{0653E263-C86D-44AB-AE83-25407370FCE1}) (Version: 4.0.7848.0 - Box, Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
Chipamp (HKLM-x32\...\Chipamp) (Version: 1.0 - OverClocked ReMix)
Chrome Remote Desktop Host (HKLM-x32\...\{BAD014C7-DB71-474A-AC68-F06FAE17A949}) (Version: 61.0.3163.20 - Google Inc.)
Contraption Maker (HKLM-x32\...\Steam App 241240) (Version: - Spotkin)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 36.4.22 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version: - 3D Realms)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
DVDFab 9.1.8.8 (13/02/2015) (HKLM-x32\...\DVDFab 9 US_is1) (Version: - Fengtao Software Inc.)
EDGE (HKLM-x32\...\Steam App 38740) (Version: - Two Tribes)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Eversion (HKLM-x32\...\Steam App 33680) (Version: - Zaratustra Productions)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - )
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FocusWriter (HKLM-x32\...\FocusWriter) (Version: 1.5.7 - Graeme Gott)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.2.1.6871 - Foxit Software Inc.)
Free FLV to MP4 Converter 1.0.28 (HKLM-x32\...\{B00D1F02-C556-48eb-9DC2-32C778B71CE2}_is1) (Version: 1.0.28 - free-videoconverter)
Futuremark SystemInfo (HKLM-x32\...\{B8E78E04-6020-4CD2-BEAB-7BB6E9EF75C3}) (Version: 4.22.211 - Futuremark)
Glary Utilities 5.85 (HKLM-x32\...\Glary Utilities 5) (Version: 5.85.0.106 - Glarysoft Ltd)
Google Chrome (HKLM\...\{C1FECBCE-6D6B-3040-A62C-A205863357F6}) (Version: 61.0.3163.100 - Google, Inc.)
Google Drive (HKLM-x32\...\{F9A2761E-C1E4-4384-92A3-5732C9738327}) (Version: 2.34.6717.9565 - Google, Inc.)
Google Photos Backup (HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Ikaruga (HKLM\...\Steam App 253750) (Version: - Treasure)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
Inkscape 0.92.1 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.92 - inkscape.org)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
KB4023057 (HKLM\...\{0C050BEE-16BE-4998-8959-2A421433DB6E}) (Version: 2.5.0.0 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LibreOffice 5.3.1.2 (HKLM\...\{9A2A4317-64E9-4631-997A-F2C4F8A512C7}) (Version: 5.3.1.2 - The Document Foundation)
MakeMKV v1.10.7 (HKLM-x32\...\MakeMKV) (Version: v1.10.7 - GuinpinSoft inc)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4963.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mighty Switch Force! Hose It Down! (HKLM-x32\...\Steam App 375310) (Version: - WayForward)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mozilla Thunderbird 52.2.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.2.1 (x86 en-US)) (Version: 52.2.1 - Mozilla)
Music Manager (HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\MusicManager) (Version: - Google, Inc.)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
My Game Long Name (HKLM\...\UDK-9c727eda-b1c8-4d60-a336-76dd5b849c08) (Version: - Epic Games, Inc.)
Noitu Love 2 Devolution (HKLM-x32\...\Steam App 207530) (Version: - Joakim Sandberg)
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4963.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4963.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4963.1002 - Microsoft Corporation) Hidden
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version: - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version: - Mine Loader Software Co., Ltd.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
PDFBinder (HKLM-x32\...\{8BA03AC2-579F-41CD-A250-740137D86F7A}) (Version: 1.0.0 - Malamute.dk)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.1 - pdfforge GmbH)
Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version: - PopCap Games, Inc.)
Peggle Extreme (HKLM-x32\...\Steam App 3483) (Version: - PopCap Games, Inc.)
Peggle Nights (HKLM-x32\...\Steam App 3540) (Version: - PopCap Games, Inc.)
Pepakura Designer 4 (HKLM-x32\...\pepakura_designer4en) (Version: - TamaSoftware)
Pink Heaven (HKLM-x32\...\Steam App 409690) (Version: - Studio Pixel)
Pink Hour (HKLM-x32\...\Steam App 409670) (Version: - Studio Pixel)
PNotes.NET 3.0.1.5 (HKLM-x32\...\{02384F4C-1820-49E9-9D03-81F27EEE1224}_is1) (Version: 3.0.1.5 - Andrey Gruber)
Princess Remedy in a World of Hurt (HKLM\...\Steam App 407900) (Version: - Ludosity)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Race The Sun (HKLM-x32\...\Steam App 253030) (Version: - Flippfly LLC)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.721 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Respondus LockDown Browser (HKLM-x32\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.)
Respondus LockDown Browser 2 (HKLM-x32\...\{BBC7F69B-7A94-41E9-8A4B-B55A8D06431F}) (Version: 2.00.0000 - Respondus)
Retro Game Crunch (HKLM-x32\...\Steam App 290040) (Version: - Rusty Moyher)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Should I Remove It (HKLM-x32\...\{4E62123C-4C0D-4123-A8A2-C0103B92D7EA}) (Version: 1.0.4 - Reason Software Company Inc.) Hidden
Should I Remove It (HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Skullgirls (HKLM-x32\...\Steam App 245170) (Version: - Lab Zero Games)
Skullgirls ∞Endless Beta∞ (HKLM-x32\...\Steam App 208610) (Version: - )
Sonic Adventure 2 (HKLM-x32\...\Steam App 213610) (Version: - SEGA)
Spelunky (HKLM-x32\...\Steam App 239350) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version: - sparsevector)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version: - Terry Cavanagh)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
The Typing of The Dead: Overkill (HKLM-x32\...\Steam App 246580) (Version: - Modern Dream)
TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
Trigger External Graphics Family 16.02.0315.0179 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 16.02.0315.0179 - MCT Corp)
Undertale (HKLM-x32\...\Steam App 391540) (Version: - tobyfox)
Unity Web Player (HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
UpdateAssistant (HKLM-x32\...\{DE45508F-369E-4476-8F19-088F4933340E}) (Version: 1.8.0.0 - Microsoft Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Wizorb (HKLM-x32\...\Steam App 207420) (Version: - Tribute Games)
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.29.2\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3813752901-3998910076-3428625962-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Ryan Nakai\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ BoxSyncFileLocked] -> {2a607da5-abe8-358e-a881-c0f5faf2d3a5} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncFileLockedByOther] -> {f7d2951f-0b6b-346c-99ec-69cffc30a364} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncNotSynced] -> {5ea95e3d-3e46-3812-b03c-49785fa67d41} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncProblem] -> {a88b7184-bfa1-3d14-8efb-2225df9699bc} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ BoxSyncSynced] -> {c89f9943-8f58-3eca-bd55-a658f53b2f48} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [BoxContextMenuClient] -> {4a9f9d0f-60bd-3164-a67d-4f811da1eea0} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-02-15] (Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2011-10-26] ()
ContextMenuHandlers1: [TeraCopyS64] -> {A764EEF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2011-10-26] ()
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2011-10-26] ()
ContextMenuHandlers2: [TeraCopyS64] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2011-10-26] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [BoxContextMenuClient] -> {4a9f9d0f-60bd-3164-a67d-4f811da1eea0} => C:\Windows\system32\mscoree.dll [2015-07-10] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2011-10-26] ()
ContextMenuHandlers4: [TeraCopyS64] -> {A764EEF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2011-10-26] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-10-03] (Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2011-10-26] ()
ContextMenuHandlers5: [TeraCopyS64] -> {A764EEF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2011-10-26] ()
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-02-15] (Foxit Software Inc.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2011-10-26] ()
ContextMenuHandlers6: [TeraCopyS64] -> {A764EEF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2011-10-26] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0332F065-457A-4893-918B-6C91CC2A059F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3813752901-3998910076-3428625962-1001Core => C:\Users\Ryan Nakai\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0DEE3FC5-3B3B-4231-9369-527159273B67} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {126F54CE-0361-4AB8-A13F-F1B72A673C97} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1293E7C4-D091-4650-9E2A-2D4A3F0E7B72} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {166B1A52-8BC0-497C-A2CD-F2101F098CF1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16830EC9-CA72-44AB-8564-AC78EDEF1A14} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-28] (Dropbox, Inc.)
Task: {1B53C0D6-6C50-47D3-8B42-8AC93E65F75F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2799B9E9-12D3-4F71-A23D-15D51EBB365C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2AC6A0AA-BED4-4351-8D95-3B2D924B1C4B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {318D4469-1F62-4553-913D-6E3840E17E41} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {32E4AFD2-0316-4A76-BE1D-4057A7C87A03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {37B49C50-3BE9-4D10-8077-FB043A549AD6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW
Task: {43E6EBC5-14EC-413D-B797-62A2979D587D} - System32\Tasks\{04831F74-BB9F-4417-B60D-8864EEFCFC35} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Ryan Nakai\AppData\Local\Temp\7zS803E.tmp\MicroInstallerNative.exe" -d C:\Users\RYANNA~1\AppData\Local\Temp\7zS803E.tmp <==== ATTENTION
Task: {45D32615-401F-4B39-A10E-2E85D1057902} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {4A739648-42BF-46D1-BD94-57DA880DA904} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {4E2A253D-A292-4285-8ABB-1D01EC2861A6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {52933F8A-FA64-4805-90B0-E9E91FDD91CD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {77FE407B-9CB5-4CEE-B8DB-2E784D4715E1} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2017-09-27] (Glarysoft Ltd)
Task: {78DD1C88-AC1F-4F7C-80F0-3EBFB1A6C760} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {792FC510-D96A-4EAC-96BC-735F2AF06891} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {7FD49B8C-4534-46E4-803E-691A78B40027} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {81D62FF8-BDB8-4B69-8B0C-AFB8C615080A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {84702869-6FA9-4A4D-ADBD-86067BB1E036} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8F4C3A2F-D807-437E-BAA4-10DF9721ED47} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: {903783B0-942F-44A6-87D2-1D8FB86F894F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_159_pepper.exe [2017-10-10] (Adobe Systems Incorporated)
Task: {93442E65-DBEC-44A9-A05E-57CA228722CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {9C374FB4-2472-476C-861F-85F0B3B2F514} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9CE8A4DC-6488-411F-8CCA-1C8616A94E7F} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2017-09-27] (Glarysoft Ltd)
Task: {A02ABF5F-5951-480D-95A8-9BCEAB05EE27} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4129062-7BB3-4F94-88A5-3FB69D7AC940} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A7EA203E-B53D-4870-8344-D0A761E9E441} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {ADB0D469-C39D-417C-B284-A856780422DC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B15F9FC0-AFA4-438D-8226-50352A24F36D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B1A83C33-A256-42B2-AB09-484BEE26FA72} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B4616533-F011-4B5B-97DC-9A089B4E081A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {BFC7F104-DCC1-4F32-9985-ED1D40749943} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C1C9C14A-394B-409C-B7F1-2AFA729DD1E8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {C77F73F6-A8A8-4B33-8690-04CF7870F28E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CD65B18E-3993-4CF0-8F0A-38C63937B50B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {D0292CC7-8EAC-49B4-981A-4191BB8F69AD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D1D43B61-A0FB-4164-B1D3-47DFB685FDAA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D7CE1568-7EE5-4B8A-90B1-56200FD4EC54} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3813752901-3998910076-3428625962-1001UA => C:\Users\Ryan Nakai\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D84D8721-8355-4147-A846-092C7EA55B4F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-28] (Dropbox, Inc.)
Task: {DC80A298-7590-4501-BF10-EBC5255EE6E5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DFD08C1B-6618-4CBF-8391-1D3AC94DA9A1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E56F21B5-C230-449C-B57D-B17C3C029513} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E5BBDF34-B300-4077-A9DA-F87CA56EC14F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ECDE8BB0-EBC2-4B62-ACC7-446A5AD90E14} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F577CB80-ADC2-4DF2-BFA0-88211234FBFE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FAECCE5E-B814-400D-AB6B-CB495613FCF0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-10] (Adobe Systems Incorporated)
Task: {FCAED403-2419-4D81-81D8-6B792FCD1027} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FE36B75F-9F93-422B-9876-A128BD10DD43} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_npoipmeppdioagbkigdlnpmjphnolaog\Scientific Calculator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=npoipmeppdioagbkigdlnpmjphnolaog
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_nffchahhjecejoiigmnhhicpoabngedk\OneDrive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nffchahhjecejoiigmnhhicpoabngedk
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_mkaakpdehdafacodkgkpghoibnmamcme\Google Drawings.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mkaakpdehdafacodkgkpghoibnmamcme
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_mhagnkphcmpkmabhocgimoncfaihkpof\Spelunky HTML5.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mhagnkphcmpkmabhocgimoncfaihkpof
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_liglcienpnkhdajdfmnpbgmpjglonipe\Numerics Calculator & Converter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=liglcienpnkhdajdfmnpbgmpjglonipe
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_lhecpmapflhhdpcnpedpcaabolnapcae\The Gansberg Clock.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lhecpmapflhhdpcnpedpcaabolnapcae
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_joodangkbfjnajiiifokapkpmhfnpleo\Calculator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=joodangkbfjnajiiifokapkpmhfnpleo
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hoihofapbdnldlhecnhefifbcddgdkhm\Clock.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hoihofapbdnldlhecnhefifbcddgdkhm
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hmjkmjkepdijhoojdojkdfohbdgmmhki\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_felcaaldnbdncclmgdcncolpebgiejap\Sheets.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=felcaaldnbdncclmgdcncolpebgiejap
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_ejjicmeblgpmajnghnpcppodonldlgfn\Google Calendar.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ejjicmeblgpmajnghnpcppodonldlgfn
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_edebbhkhcaafmolanelponjjanocpacd\Timer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=edebbhkhcaafmolanelponjjanocpacd
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_decmldkknaaemlafplkkdmmmelbdnlja\Calculator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=decmldkknaaemlafplkkdmmmelbdnlja
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cbfcckmhbpkjgfcnbgfmdodnlokimjdc\HTML5 Analog Clock.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cbfcckmhbpkjgfcnbgfmdodnlokimjdc
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_blpebaehgfgkcmmjjknibibbjacnplim\Solitaire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=blpebaehgfgkcmmjjknibibbjacnplim
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_blpcfgokakmgnkcojhhkbfbldkacnbeo\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=blpcfgokakmgnkcojhhkbfbldkacnbeo
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_bhdheahnajobgndecdbggfmcojekgdko\Desmos Graphing Calculator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=bhdheahnajobgndecdbggfmcojekgdko
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_aohghmighlieiainnegkcijnfilokake\Docs.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=aohghmighlieiainnegkcijnfilokake
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_agbmjhlgdihdaebioelepgldgojpkjag\Just Type.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=agbmjhlgdihdaebioelepgldgojpkjag
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_aapocclcgogkmnckokdopfmhonfmgoek\Slides.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=aapocclcgogkmnckokdopfmhonfmgoek
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\AudioRecorder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=enhfkjkjfhhdibpgjmiamdcdgmcjpplk
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Calculator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=joodangkbfjnajiiifokapkpmhfnpleo
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Calendar Clock.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=galgfocamdohgeifjlbefkfpaalankfi
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\GPemu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=jhficiigpnhhaojldmanflihieepanbb
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Just Type.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=agbmjhlgdihdaebioelepgldgojpkjag
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Polarr Photo Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=djonnbgfieijldcieafgjcnhmpcfpmgg
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Spelunky HTML5.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mhagnkphcmpkmabhocgimoncfaihkpof
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Type Case.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=afgojplakjihkbpjdemlbedkkgpbojeg
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=joodangkbfjnajiiifokapkpmhfnpleo
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Keep - notes and lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Type Case.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=afgojplakjihkbpjdemlbedkkgpbojeg
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\fd4d8e7501576f3f\Pushbullet.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=chlffgpmiacpedhhbkiomidkjlcfhogd
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\66b9b787e09fde9f\History Eraser.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gjieilkfnnjoihjjonajndjldjoagffm
ShortcutWithArgument: C:\Users\Ryan Nakai\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\34707bd4e0c9d2b9\Clock.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hoihofapbdnldlhecnhefifbcddgdkhm
==================== Loaded Modules (Whitelisted) ==============
2015-07-10 05:00 - 2015-07-10 05:00 - 000028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-03 00:31 - 2015-08-03 00:31 - 000032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-11-04 16:43 - 2015-11-04 16:43 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-11-17 19:49 - 2016-10-25 01:15 - 000404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-11-28 16:14 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-08-02 23:24 - 2012-08-28 14:20 - 000313432 _____ () C:\Windows\system32\GManager.exe
2013-08-06 15:54 - 2011-05-03 18:13 - 000199296 _____ () C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
2015-08-02 23:24 - 2014-08-22 17:10 - 002244912 _____ () C:\WINDOWS\system32\MlPatch.exe
2017-07-19 16:09 - 2017-07-19 16:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-06-14 12:09 - 2017-06-03 07:39 - 002495776 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-07 17:13 - 2017-08-07 17:13 - 000126792 _____ () C:\Program Files\Box\Box Sync\_ctypes.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 001488200 _____ () C:\Program Files\Box\Box Sync\_hashlib.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000056648 _____ () C:\Program Files\Box\Box Sync\_socket.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 002106696 _____ () C:\Program Files\Box\Box Sync\_ssl.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000136520 _____ () C:\Program Files\Box\Box Sync\win32api.pyd
2017-08-07 17:09 - 2017-08-07 17:09 - 000143688 _____ () C:\Program Files\Box\Box Sync\pywintypes27.dll
2017-08-07 17:09 - 2017-08-07 17:09 - 000554824 _____ () C:\Program Files\Box\Box Sync\pythoncom27.dll
2017-08-07 17:08 - 2017-08-07 17:08 - 000063304 _____ () C:\Program Files\Box\Box Sync\psutil._psutil_windows.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000698184 _____ () C:\Program Files\Box\Box Sync\unicodedata.pyd
2017-08-07 17:02 - 2017-08-07 17:02 - 000009544 _____ () C:\Program Files\Box\Box Sync\clr.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000033096 _____ () C:\Program Files\Box\Box Sync\ujson.pyd
2017-08-07 17:09 - 2017-08-07 17:09 - 000017736 _____ () C:\Program Files\Box\Box Sync\select.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000187208 _____ () C:\Program Files\Box\Box Sync\_elementtree.pyd
2017-08-07 17:08 - 2017-08-07 17:08 - 000185672 _____ () C:\Program Files\Box\Box Sync\pyexpat.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000528200 _____ () C:\Program Files\Box\Box Sync\win32com.shell.shell.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000029000 _____ () C:\Program Files\Box\Box Sync\win32event.pyd
2017-08-07 17:11 - 2017-08-07 17:11 - 000155976 _____ () C:\Program Files\Box\Box Sync\win32file.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000069960 _____ () C:\Program Files\Box\Box Sync\_sqlite3.pyd
2017-08-07 17:11 - 2017-08-07 17:11 - 000142152 _____ () C:\Program Files\Box\Box Sync\win32security.pyd
2017-08-07 17:11 - 2017-08-07 17:11 - 000051016 _____ () C:\Program Files\Box\Box Sync\win32process.pyd
2017-08-07 17:12 - 2017-08-07 17:12 - 000059720 _____ () C:\Program Files\Box\Box Sync\win32service.pyd
2017-08-07 17:14 - 2017-08-07 17:14 - 000032072 _____ () C:\Program Files\Box\Box Sync\_yappi.pyd
2017-08-07 17:13 - 2017-08-07 17:13 - 000040776 _____ () C:\Program Files\Box\Box Sync\_multiprocessing.pyd
2017-08-07 17:10 - 2017-08-07 17:10 - 000027464 _____ () C:\Program Files\Box\Box Sync\win32clipboard.pyd
2017-08-07 17:11 - 2017-08-07 17:11 - 000229704 _____ () C:\Program Files\Box\Box Sync\win32gui.pyd
2017-03-22 09:44 - 2017-01-31 06:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2017-09-26 15:39 - 2017-09-21 01:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-26 15:39 - 2017-09-21 01:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-08-07 16:59 - 2017-08-07 16:59 - 000166216 _____ () C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
2013-02-25 19:57 - 2011-10-26 18:41 - 000126464 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2013-02-25 19:57 - 2011-10-26 18:41 - 000318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2015-09-30 20:00 - 2015-09-16 23:48 - 000429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2017-05-10 09:12 - 2017-04-27 17:44 - 006569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-02 18:08 - 2016-11-19 00:06 - 000471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-10 09:13 - 2017-04-27 17:42 - 001808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 20:00 - 2015-09-16 23:43 - 002274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-10-12 11:43 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-10-12 11:43 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-10-12 11:43 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-10-12 11:43 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-02-01 18:01 - 2016-02-01 18:01 - 000117248 _____ () C:\Users\Ryan Nakai\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2016-02-01 18:00 - 2016-02-01 18:00 - 000234496 _____ () C:\Users\Ryan Nakai\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2016-02-01 18:00 - 2016-02-01 18:00 - 000253440 _____ () C:\Users\Ryan Nakai\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2016-02-01 17:59 - 2016-02-01 17:59 - 000344064 _____ () C:\Users\Ryan Nakai\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-03-12 17:10 - 2017-09-09 13:25 - 000688416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 18:14 - 2016-08-31 19:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-21 16:49 - 2017-10-11 13:10 - 002546976 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-28 16:45 - 2016-01-27 01:49 - 002549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 16:45 - 2016-01-27 01:49 - 000491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 16:45 - 2016-01-27 01:49 - 000332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-28 16:45 - 2016-01-27 01:49 - 000442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 16:45 - 2016-01-27 01:49 - 000485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-19 18:14 - 2016-08-31 19:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 18:14 - 2016-08-31 19:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2013-02-13 22:41 - 2017-10-11 13:10 - 000901408 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-09-11 09:06 - 2014-09-11 09:06 - 000878592 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll
2014-09-11 09:05 - 2014-09-11 09:05 - 000036352 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
2014-09-11 09:06 - 2014-09-11 09:06 - 000038912 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
2014-09-11 09:14 - 2014-09-11 09:14 - 000032256 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qdds.dll
2014-09-11 09:05 - 2014-09-11 09:05 - 000021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll
2014-09-11 09:14 - 2014-09-11 09:14 - 000027648 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll
2014-09-11 09:05 - 2014-09-11 09:05 - 000021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll
2014-09-11 09:14 - 2014-09-11 09:14 - 000381952 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjp2.dll
2014-09-11 09:05 - 2014-09-11 09:05 - 000204800 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll
2014-09-11 09:14 - 2014-09-11 09:14 - 000218112 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll
2014-09-11 09:08 - 2014-09-11 09:08 - 000015872 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll
2014-09-11 09:14 - 2014-09-11 09:14 - 000015360 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll
2014-09-11 09:15 - 2014-09-11 09:15 - 000307712 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll
2014-09-11 09:15 - 2014-09-11 09:15 - 000014848 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll
2014-09-11 09:15 - 2014-09-11 09:15 - 000252928 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll
2016-04-08 16:35 - 2016-04-08 16:35 - 003481600 _____ () C:\Users\Ryan Nakai\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
2017-06-22 20:56 - 2017-06-22 20:56 - 000325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2017-01-16 05:40 - 2017-01-16 05:40 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-10-04 15:22 - 2017-10-03 04:21 - 000771904 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-10-04 15:22 - 2017-10-03 04:21 - 001804608 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-09-21 12:54 - 2017-10-03 04:21 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-01-23 17:26 - 2017-10-03 04:21 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-01-23 17:26 - 2017-10-03 04:22 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-01-23 17:26 - 2017-10-03 04:21 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-10-04 15:22 - 2017-10-03 04:21 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-10-04 15:22 - 2017-10-03 04:21 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-01-23 17:26 - 2017-10-03 04:21 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-01-23 17:26 - 2017-10-03 04:21 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-10-04 15:22 - 2017-10-03 04:21 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-04-26 15:53 - 2017-10-03 04:21 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-10-04 15:22 - 2017-10-03 04:21 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-01-23 17:26 - 2017-10-03 04:22 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-01-23 17:26 - 2017-10-03 04:21 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-04-26 15:53 - 2017-10-03 04:21 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-04-26 15:53 - 2017-10-03 04:21 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-01-23 17:26 - 2017-10-03 04:21 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-01-23 17:26 - 2017-10-03 04:21 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000154440 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000045888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-09-21 12:54 - 2017-10-03 04:21 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000101184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-09-21 12:54 - 2017-10-03 04:22 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-10-04 15:22 - 2017-10-03 04:21 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-10-04 15:22 - 2017-10-03 04:22 - 000032600 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-10-04 15:22 - 2017-10-03 04:21 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-10-04 15:22 - 2017-10-03 04:22 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-09-21 12:54 - 2017-10-03 04:22 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-10-04 15:22 - 2017-10-03 04:22 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2017-10-04 15:22 - 2017-10-03 04:22 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-10-12 12:25 - 2017-10-12 12:25 - 000098816 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32api.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000110080 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\pywintypes27.dll
2017-10-12 12:25 - 2017-10-12 12:25 - 000364544 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\pythoncom27.dll
2017-10-12 12:25 - 2017-10-12 12:25 - 000320512 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32com.shell.shell.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000914432 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_hashlib.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 001176576 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._core_.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000806400 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._gdi_.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000816128 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._windows_.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 001067008 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._controls_.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000733184 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._misc_.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000682496 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\pysqlite2._sqlite.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000088064 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_ctypes.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000686080 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\unicodedata.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000119808 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32file.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000108544 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32security.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000007168 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\hashobjs_ext.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000017920 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\thumbnails_ext.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000088064 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\usb_ext.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000012800 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\common.time34.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000018432 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32event.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000167936 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32gui.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000046080 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_socket.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 001303552 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_ssl.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000128512 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_elementtree.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000127488 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\pyexpat.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000038912 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32inet.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000036864 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_psutil_windows.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000525208 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\windows._lib_cacheinvalidation.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000011264 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32crypt.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000123392 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._wizard.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000077312 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._html2.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000027648 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_multiprocessing.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000020480 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\_yappi.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000035840 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32process.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000078848 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\wx._animate.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000024064 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32pipe.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000010240 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\select.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000025600 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32pdh.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000017408 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32profile.pyd
2017-10-12 12:25 - 2017-10-12 12:25 - 000022528 ____R () C:\Users\Ryan Nakai\AppData\Local\Temp\_MEI59162\win32ts.pyd
2016-12-17 10:55 - 2017-08-16 16:28 - 073130272 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-09 19:54 - 2017-09-06 20:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2015-01-19 18:14 - 2015-09-24 17:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2017-09-27 21:31 - 2017-09-27 21:31 - 000087024 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2009-06-10 15:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3813752901-3998910076-3428625962-1001\Control Panel\Desktop\\Wallpaper -> c:\users\ryan nakai\documents\r-stuff\wallpapers 1.2.5\patterns and textures\c3634531b40b2b97b30653324691b1b1.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{99123B69-F55B-406C-962C-AF31D8366049}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{9AD84985-A221-4F83-9CEE-DB09ACF1E65F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{2ECDD4B2-26F7-4789-B671-6A457B78B2BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{189741C3-8FF9-4480-86E0-82B4E7089D65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{A29268A0-6729-4674-B2E0-B568F6E9645E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4F710B0D-0431-4EC6-A337-8010E5D3E56E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A57DAC2B-8EB0-48C1-8FCA-ED3FC310B1F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Retro Game Crunch\Retro Game Crunch.exe
FirewallRules: [{52BAEA47-F1A2-4C00-9D7D-77458EBF8D7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Retro Game Crunch\Retro Game Crunch.exe
FirewallRules: [{C18176B6-9B10-4EB1-9E97-C46F4CCF5105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{BBF6A2AB-122D-4CE4-937A-0CD481F14D54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{724A6F02-5017-44EC-A990-A3439C8EBD83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Peggle Nights\PeggleNights.exe
FirewallRules: [{EFB856F5-EDC7-4373-B2B9-A4173A3BFCFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Peggle Nights\PeggleNights.exe
FirewallRules: [{A65AC39F-9C68-4352-958C-777D4B3DFE1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{0560329D-E6D1-4B52-BF37-3C14A369593F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Peggle Deluxe\Peggle.exe
FirewallRules: [{6760F5BF-5C7E-47BA-A907-9FEFAA0D0BCA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ContraptionMaker\ContraptionMaker.exe
FirewallRules: [{C5E6108E-72BB-4752-B586-69EC1667BB4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ContraptionMaker\ContraptionMaker.exe
FirewallRules: [{B8B2B5CA-A167-468D-8A1D-91D2F11EFC08}] => (Allow) C:\Users\Ryan Nakai\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{E19FFD3E-E80A-49C0-B793-FE467F2267DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{5AE08678-D30F-4ECE-9426-A2296E5A0FEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [UDP Query User{AA789855-7BBB-4AFD-A2B6-6ABF2FD47785}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [TCP Query User{BEEDA220-8B3B-4C8A-A29E-C19939DE08BA}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{286C7A8E-D56A-448F-A195-065B2FB8F707}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Peggle Extreme\PeggleExtreme.exe
FirewallRules: [{E75F5F04-1F85-4FCE-A76E-5B4C283D32F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Peggle Extreme\PeggleExtreme.exe
FirewallRules: [{86FD8C81-8BEA-410B-B4DC-FD2757997F52}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{40F7757A-2DEF-4D52-9031-C700A34D59F4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5FFDCCBB-B476-4EDD-AF84-5630DE8751BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{C4AD3EBF-8D6A-474B-86DC-B2D07C8D584B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{B351822B-F375-47DE-BCF9-678CE5352010}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe
FirewallRules: [{8F560E9A-B375-40D2-8A64-E6C2FA2FC3B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls Beta\SkullGirls.exe
FirewallRules: [{535B2FF9-B77F-4182-BB32-D51BEF366A5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{7ABE7E2A-D900-4FE9-A346-F6D4219A8102}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skullgirls\SkullGirls.exe
FirewallRules: [{E194399D-1B32-4E24-8A24-FC05BC1CBD3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wizorb\Wizorb.exe
FirewallRules: [{FE7E0F51-4B28-4BAF-BDF9-2671B76AC616}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wizorb\Wizorb.exe
FirewallRules: [{6AA883B7-3088-4C39-AB73-4321F4C8F919}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{57EBDD86-C9C4-469D-A88A-210A707849BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{4C680D68-347B-4B37-BD5B-7BB645D90347}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [{97309324-6947-449E-AC98-23EDC67219CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [{CC549FF4-CAB0-4C60-9FD7-A9C182B877C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eversion\eversion.exe
FirewallRules: [{8A3D4E50-6C9E-40A5-875C-22912BAA1F36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eversion\eversion.exe
FirewallRules: [{927AB254-936B-4130-829B-8E62C7857553}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PCMark 8\bin\PCMark8.exe
FirewallRules: [{2D24B087-A798-4709-8A1E-93DF39FFD071}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PCMark 8\bin\PCMark8.exe
FirewallRules: [{E9A82DC3-1E6E-4DAA-BA71-3223136F0886}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9DF46346-0F19-48BC-9046-7DB61F783506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{27B15300-214F-4A5C-AC09-16BCD13BAF5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{AC776B45-91CC-476C-B6D7-BEC20AF324E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{43068E02-7408-4379-9BFF-D8F2EBDE2429}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{8CA70194-C4D4-4C42-A800-48893F67C8C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{582DD20C-4D3E-4F38-9365-9967B9D16D18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{4535524C-3A31-46AA-A3CE-AD53F73C803E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{2BF3973E-F7C1-4224-9048-5BD22C63F6E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{5F9265D6-B5F9-4F1E-A94C-4DC4EBAEABA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{A80CDC9B-46D9-4C46-8CB8-0E9BF18217F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{659A457D-B34E-44BC-BEE7-373C840E2EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{13C61C1C-C131-4933-A0FC-5392553D8923}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{9F41614C-97FE-43B7-87E6-FAFA5551D06D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{AD068A6B-0FC7-46F2-B5CC-75DBD70043EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{7C5A37C4-CBFF-4DDA-A9E4-DFAB858ECC7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Hexagon\superhexagon.exe
FirewallRules: [{989FD6DD-7D5C-4C81-BFEC-03F3FDE422D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{5AA5B594-7431-4816-93D7-7C0173C3ED38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{AC62340A-E2C0-43B4-A3C5-E6DE446539D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{EB742BDF-4193-4F9B-8288-8879321CEFAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{E268A297-792E-4A45-A294-937CE256F0F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{FAAD0623-3C55-4C05-993A-35045D86C1CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{8DC6B44B-5B6E-429C-B4B5-FD9725A606A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{89AB3886-7C29-40EB-9B75-95DB221826DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{A4F95AF1-BD0B-439A-818F-95933B2DB033}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{0F8092E9-8448-4545-AFB5-A22DE37F2D66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{2089D6C5-0A8E-41AE-B8F4-5AC4CCE827F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{325F518C-350D-4ECB-A38B-E5961D6FE54A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{815E1353-28FC-421E-8754-FAD917101FFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{C6D12C77-FD1E-4C9C-BF6C-D44482DD1FB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A949B850-94B2-46CF-895D-98BF244413BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BIT.TRIP BEAT\BEAT.exe
FirewallRules: [{347CB3EF-C616-43F9-93AE-3EFED032A711}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BIT.TRIP BEAT\BEAT.exe
FirewallRules: [{5DB713F0-91EA-4521-95B1-EE91B5F69314}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Noitu Love 2 Devolution\config.exe
FirewallRules: [{4090BC91-451A-464B-8B5A-D2AF4F1ED706}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Noitu Love 2 Devolution\config.exe
FirewallRules: [{25D7770C-58C6-4FAB-9D4B-D41B89671838}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Noitu Love 2 Devolution\nl2.exe
FirewallRules: [{8D5EE0ED-FC06-4501-891A-AC139B730022}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Noitu Love 2 Devolution\nl2.exe
FirewallRules: [UDP Query User{CE0471B1-4D26-45B2-B91C-25CB59C707E9}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{465DA2B4-F6F9-41AB-8C23-87944EC85DF4}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{50ED50AC-FF34-491E-BAEF-91217E08D068}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{171515DD-28E9-4B99-9755-BA53F812B272}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{76A0A0BB-C9C7-4D10-96B2-EA4595B85A5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{4F098576-07ED-44A6-B939-49F47679E786}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{B45C6EB1-EFDA-47C8-832D-BCEE1FE77757}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{00704251-EB0C-414B-A3F9-34540B6F8972}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{980CD676-C83B-471C-9EDF-A0DCF5244F3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{E07C2FDB-57CA-4E8F-8584-83F4F42D9F9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{7C89DBCD-DBD1-4A51-A50C-80C2BF9972CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{CC59B608-4699-4BCC-BE35-4967B93B78EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{01FC424C-01B0-4A5C-8DBB-B4A33A30B4CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Typing of the Dead Overkill\HOTD_NG.exe
FirewallRules: [{E5F80EF9-A088-4251-83A9-2F78DCCEC5E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Typing of the Dead Overkill\HOTD_NG.exe
FirewallRules: [{1629A8D2-469F-4141-8894-E832B7B57264}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EDGE\edge.exe
FirewallRules: [{67C71B49-3D11-41CB-800E-5BCA794BAEC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EDGE\edge.exe
FirewallRules: [UDP Query User{5D8F56BB-74C8-42DA-8A06-6137E5A06CE2}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [TCP Query User{40483D28-5B8D-4250-B353-B7DEFE574304}C:\program files (x86)\musicbrainz picard\picard.exe] => (Allow) C:\program files (x86)\musicbrainz picard\picard.exe
FirewallRules: [{5F81ECB0-F187-416F-B563-88138D421B4A}] => (Allow) LPort=1900
FirewallRules: [{BAA9C1CF-0A0D-40EA-8E38-53AB51939343}] => (Allow) LPort=2869
FirewallRules: [{B7D1920E-03D9-45B2-8EE3-433472236E36}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6EAB3C87-F5E1-4667-A63C-FBFA0EAA4977}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Adventure 2\Launcher.exe
FirewallRules: [{EF1B7469-2F83-4986-B1F4-B3BAC7812C0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Adventure 2\Launcher.exe
FirewallRules: [UDP Query User{77A9F624-1464-4ECF-ABB0-FA07BB8D46C3}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{D5E491AA-92FB-483C-82E6-339702729A32}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{F60247A5-5E88-4609-BD10-CEBF55D02D4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{74A65BB6-3117-43B2-B7D0-0987B6BFB544}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [UDP Query User{6E3A34B7-C8A4-488C-A7BC-CC8872D98894}C:\users\ryan nakai\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ryan nakai\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{815E741A-F708-4C19-A985-D58FFF5082C8}C:\users\ryan nakai\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ryan nakai\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A28138A5-BD8D-40F3-8738-320B0AF6C90B}C:\program files (x86)\makemkv\makemkvcon64.exe] => (Allow) C:\program files (x86)\makemkv\makemkvcon64.exe
FirewallRules: [TCP Query User{BD6FDF31-D9AF-4F6A-8839-2EB72FE2C13D}C:\program files (x86)\makemkv\makemkvcon64.exe] => (Allow) C:\program files (x86)\makemkv\makemkvcon64.exe
FirewallRules: [{1E5CFEFD-1361-4FC1-88C3-C72340D70E39}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E8027A51-98E3-4531-BD1E-21EABE99C48B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{1B1EA51D-E185-4757-B68F-058ED4088110}J:\portableapps\lanmessengerportable\app\lanmessenger\lmc.exe] => (Allow) J:\portableapps\lanmessengerportable\app\lanmessenger\lmc.exe
FirewallRules: [TCP Query User{2F836463-65AF-4437-BB31-1BC741343282}J:\portableapps\lanmessengerportable\app\lanmessenger\lmc.exe] => (Allow) J:\portableapps\lanmessengerportable\app\lanmessenger\lmc.exe
FirewallRules: [{241A381E-BB20-4782-9FBF-21B3BCC7146C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{9842E21D-4A30-494D-AD0F-39D677FB65F4}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{BE0A011F-A2FB-4192-91EB-2E7DD86902A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{1DE85618-A800-4734-8EF7-ACAF4B6CB4D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{99962BDC-C549-4562-BC0D-B0828F1AD21C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pink Heaven\PinkHeaven.exe
FirewallRules: [{F5DA0CA8-CB54-4214-8268-D0F4E44DA08E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pink Heaven\PinkHeaven.exe
FirewallRules: [{C4F36EBD-17D5-458B-A874-3EF18608A60D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pink Hour\PinkHour.exe
FirewallRules: [{CE8F7008-F9D4-4521-9CD1-8EF92844FB9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pink Hour\PinkHour.exe
FirewallRules: [{90D274C6-DBC5-4EDD-8AAB-A0520063A980}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DE2C0E49-86DB-4C3E-97D3-B4CA88F7B484}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AD64A23B-1A2E-4992-B340-30C89E246593}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mighty Switch Force! Hose It Down!\HoseItDown.exe
FirewallRules: [{7C0CA58B-8C11-4537-8AFC-4423D220433B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mighty Switch Force! Hose It Down!\HoseItDown.exe
FirewallRules: [{83E0EC28-DFE3-4B41-B3BE-6277D2627E2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm7.exe
FirewallRules: [{581626F8-FD6A-4503-AA49-507CA4EF59EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm7.exe
FirewallRules: [{09E0B2C6-62F7-4423-A32C-8066B657DA85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm5.exe
FirewallRules: [{E8EE5830-455D-463D-BFF6-19FE1AD7CEF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess Remedy\remedy_gm5.exe
FirewallRules: [{437F58D2-121D-4161-A672-562C5B3C60AB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B534FD21-433E-44E7-B638-A4DEF76F0B9E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{427066B3-A4BC-4524-B212-ABD2B7CD4211}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitB\8BB.exe
FirewallRules: [{17F357CE-6E1C-4645-810D-2D1F0370FA90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\8BitB\8BB.exe
FirewallRules: [TCP Query User{4D90F1E0-4031-4C81-8912-62CA25AD038B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{3DA30484-194E-4837-86A2-2552DE50D1CE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{7DFC39AD-56BC-4055-9E6F-80FB0AD7CED8}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\61.0.3163.20\remoting_host.exe
FirewallRules: [{FF4B6C72-5AB8-4DD2-837D-B89E922F89F6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F1319CB0-04AF-47B4-ADC2-2D5178E4570B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{02C518C1-39FB-40E6-8DFA-DE51830F6857}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{C1D19D5D-3948-4EAB-A997-B32A53A0D755}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
__
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2017-10-12 17:00:12
-----------------------------
17:00:12.159 OS Version: Windows x64 6.2.9200
17:00:12.159 Number of processors: 6 586 0xA00
17:00:12.160 ComputerName: LICORICE-PC UserName: Ryan Nakai
17:00:17.319 Initialize success
17:00:17.381 VM: initialized successfully
17:00:17.385 VM: Amd CPU BiosDisabled
17:10:38.783 AVAST engine defs: 17030301
17:20:14.632 The log file has been saved successfully to "C:\Users\Ryan Nakai\Desktop\aswMBR.txt"