1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

New Amazon Assistant Removal

Discussion in 'Virus & Other Malware Removal' started by EJHughes2392, Dec 6, 2017.

Thread Status:
Not open for further replies.
  1. EJHughes2392

    EJHughes2392 Thread Starter

    Joined:
    Dec 6, 2017
    Messages:
    2
    First Name:
    Ethan
    Hi,

    I have looked through a few forums on removing the Amazon Assistant virus but I still have not removed it from my machine. I'm continuously getting the blank, white pop-up. When I went to remove the program, the "uninstall" option is greyed out and I am unable to get into the actual file to delete it because it keeps saying that the file is open. I haven't been able to close the pop-up for long enough to remove the file. As I type this, the pop-up is coming up every 10-15 seconds. I just need this gone, it's getting to be too much and my machine is slowing down exponentially.

    Here are the specifications of my machine.

    Tech Support Guy System Info Utility version 1.0.0.4
    OS Version: Microsoft Windows 10 Home, 64 bit
    Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz, Intel64 Family 6 Model 78 Stepping 3
    Processor Count: 4
    RAM: 3969 Mb
    Graphics Card: Intel(R) HD Graphics 520, 1024 Mb
    Hard Drives: C: 930 GB (812 GB Free);
    Motherboard: Acer, Ironman_SK
    Antivirus: Avast Antivirus, Enabled and Updated

    I also went ahead and ran a scan on my computer with the FRST (x64) program I saw in many other replies. I will include both scans below.

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2017
    Ran by Ethan Hughes (administrator) on HUGHES (06-12-2017 13:24:46)
    Running from C:\Users\Ethan Hughes\Downloads
    Loaded Profiles: Ethan Hughes (Available Profiles: Ethan Hughes)
    Platform: Windows 10 Home Version 1709 16299.64 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
    (Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
    () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (SweetLabs, Inc) C:\Users\Ethan Hughes\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
    (Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxext.exe
    (Spotify Ltd) C:\Users\Ethan Hughes\AppData\Roaming\Spotify\SpotifyWebHelper.exe
    (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Spotify Ltd) C:\Users\Ethan Hughes\AppData\Roaming\Spotify\Spotify.exe
    (Spotify Ltd) C:\Users\Ethan Hughes\AppData\Roaming\Spotify\Spotify.exe
    (Spotify Ltd) C:\Users\Ethan Hughes\AppData\Roaming\Spotify\Spotify.exe
    (Spotify Ltd) C:\Users\Ethan Hughes\AppData\Roaming\Spotify\Spotify.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16481560 2016-03-22] (Realtek Semiconductor)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-15] (AVAST Software)
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
    HKU\S-1-5-21-2008701448-1604200778-1345039759-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-30] (Valve Corporation)
    HKU\S-1-5-21-2008701448-1604200778-1345039759-1001\...\Run: [Spotify] => C:\Users\Ethan Hughes\AppData\Roaming\Spotify\Spotify.exe [21076080 2017-11-25] (Spotify Ltd)
    HKU\S-1-5-21-2008701448-1604200778-1345039759-1001\...\Run: [Spotify Web Helper] => C:\Users\Ethan Hughes\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-25] (Spotify Ltd)
    Startup: C:\Users\Ethan Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk [2016-11-02]
    ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation)
    Startup: C:\Users\Ethan Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-03-15]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 136.227.1.10 136.227.1.11
    Tcpip\..\Interfaces\{1ccf3959-5383-45dd-9959-899061e3c417}: [DhcpNameServer] 209.18.47.62 209.18.47.61
    Tcpip\..\Interfaces\{a29e69c1-d24a-49c1-bea3-31d85ef81b05}: [DhcpNameServer] 136.227.1.10 136.227.1.11

    Internet Explorer:
    ==================
    HKU\S-1-5-21-2008701448-1604200778-1345039759-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
    HKU\S-1-5-21-2008701448-1604200778-1345039759-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
    SearchScopes: HKU\S-1-5-21-2008701448-1604200778-1345039759-1001 -> DefaultScope {B93593E2-3285-473F-8716-E7549854596E} URL =
    SearchScopes: HKU\S-1-5-21-2008701448-1604200778-1345039759-1001 -> {B93593E2-3285-473F-8716-E7549854596E} URL =
    BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-16] (Microsoft Corporation)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-11-07] (Microsoft Corporation)
    BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-11-06] (Microsoft Corporation)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-11-07] (Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-01] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-01] (Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-01] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-01] (Microsoft Corporation)

    FireFox:
    ========
    FF DefaultProfile: hbaf53of.default
    FF ProfilePath: C:\Users\Ethan Hughes\AppData\Roaming\Mozilla\Firefox\Profiles\hbaf53of.default [2017-07-14]
    FF Extension: (Amazon Assistant for Firefox) - C:\Users\Ethan Hughes\AppData\Roaming\Mozilla\Firefox\Profiles\hbaf53of.default\Extensions\[email protected] [2016-10-02] [Lagacy]
    FF Extension: (Dashlane) - C:\Users\Ethan Hughes\AppData\Roaming\Mozilla\Firefox\Profiles\hbaf53of.default\Extensions\[email protected] [2016-10-17] [Lagacy]
    FF Extension: (English (US) Language Pack) - C:\Users\Ethan Hughes\AppData\Roaming\Mozilla\Firefox\Profiles\hbaf53of.default\Extensions\[email protected] [2016-10-02] [Lagacy]
    FF Extension: (Mozilla Partner Defaults) - C:\Users\Ethan Hughes\AppData\Roaming\Mozilla\Firefox\Profiles\hbaf53of.default\Extensions\[email protected] [2016-10-02] [Lagacy]
    FF Extension: (Avast Online Security) - C:\Users\Ethan Hughes\AppData\Roaming\Mozilla\Firefox\Profiles\hbaf53of.default\Extensions\[email protected] [2017-11-15]
    FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [not found]
    FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2016-05-04] [Lagacy]
    FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2016-05-04] [Lagacy]
    FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2016-05-04] [Lagacy]
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-11-06] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-11-06] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)

    Chrome:
    =======
    CHR HomePage: Default -> hxxps://search-startpage.com/?s=acer&m=home&brw=ch
    CHR StartupUrls: Default -> "hxxps://search-startpage.com/?s=acer&m=start&brw=ch","hxxps://webstart-page.com/?s=acer&m=start&brw=ch"
    CHR Profile: C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default [2017-12-06]
    CHR Extension: (Slides) - C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
    CHR Extension: (Docs) - C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
    CHR Extension: (Google Drive) - C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-02]
    CHR Extension: (YouTube) - C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-02]
    CHR Extension: (Sheets) - C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
    CHR Extension: (Google Docs Offline) - C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-03]
    CHR Extension: (AdBlock) - C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-06]
    CHR Extension: (Cut the Rope) - C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2016-10-02]
    CHR Extension: (Avast Online Security) - C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-09]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-21]
    CHR Extension: (Gmail) - C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-02]
    CHR Extension: (Chrome Media Router) - C:\Users\Ethan Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-15]
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] ()
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
    R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-15] (AVAST Software)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-15] (AVAST Software)
    R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278616 2017-03-20] (Acer Incorporated)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063664 2017-11-22] (Microsoft Corporation)
    S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane, Inc.)
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [976848 2016-01-14] (Intel(R) Corporation)
    R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-02-05] (Intel Corporation) [File not signed]
    R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [25928 2015-12-02] (Intel Corporation)
    S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-02-05] (Intel Corporation) [File not signed]
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-11] (Intel Corporation)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-11-16] (Electronic Arts)
    S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002728 2017-11-16] (Electronic Arts)
    R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-03-10] (Acer Incorporated)
    R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-03-10] (Acer Incorporated)
    R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [291232 2016-02-01] (acer)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-11-15] (AVAST Software)
    R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-11-15] (AVAST Software s.r.o.)
    R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-11-15] (AVAST Software s.r.o.)
    R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-11-15] (AVAST Software s.r.o.)
    R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-11-15] (AVAST Software s.r.o.)
    S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-11-15] (AVAST Software)
    R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-02-07] (AVAST Software)
    R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-11-15] (AVAST Software)
    R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-11-15] (AVAST Software)
    R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-11-15] (AVAST Software)
    R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-11-15] (AVAST Software)
    R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455376 2017-11-15] (AVAST Software)
    R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-11-15] (AVAST Software)
    R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-11-15] (AVAST Software)
    R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21408 2016-03-10] (Acer Incorporated)
    R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14752 2016-03-10] (Acer Incorporated)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-18] (Realtek )
    R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-17] (Realsil Semiconductor Corporation)
    R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [57448 2015-10-22] (Synaptics Incorporated)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-12-06 13:24 - 2017-12-06 13:24 - 000000000 ____D C:\Users\Ethan Hughes\Downloads\FRST-OlderVersion
    2017-12-06 13:21 - 2017-12-06 13:21 - 000748192 _____ (TechGuy, Inc.) C:\Users\Ethan Hughes\Downloads\SysInfo.exe
    2017-12-06 13:04 - 2017-12-06 13:05 - 000041430 _____ C:\Users\Ethan Hughes\Downloads\Addition.txt
    2017-12-06 13:02 - 2017-12-06 13:25 - 000020426 _____ C:\Users\Ethan Hughes\Downloads\FRST.txt
    2017-12-06 13:02 - 2017-12-06 13:24 - 000000000 ____D C:\FRST
    2017-12-06 13:01 - 2017-12-06 13:24 - 002390528 _____ (Farbar) C:\Users\Ethan Hughes\Downloads\FRST64.exe
    2017-12-06 01:01 - 2017-12-06 01:01 - 000000000 ____D C:\ProgramData\SWCUTemp
    2017-12-05 13:35 - 2017-12-05 13:35 - 000014625 ____H C:\Users\Ethan Hughes\Documents\~WRL0426.tmp
    2017-11-30 15:22 - 2017-12-01 17:10 - 000000000 ____D C:\Users\Ethan Hughes\Downloads\Geology Research Paper
    2017-11-30 15:21 - 2017-11-30 15:21 - 001172761 _____ C:\Users\Ethan Hughes\Downloads\Topographic Map of Kanawha River.pdf
    2017-11-30 14:24 - 2017-11-30 14:24 - 000188645 ____H C:\Users\Ethan Hughes\Documents\~WRL3425.tmp
    2017-11-24 14:48 - 2017-12-06 01:01 - 000000510 _____ C:\WINDOWS\Tasks\Avast Driver Updater Startup.job
    2017-11-24 14:48 - 2017-11-24 14:48 - 000003022 _____ C:\WINDOWS\System32\Tasks\Avast Driver Updater Startup
    2017-11-24 14:47 - 2017-11-24 14:47 - 000002517 _____ C:\Users\Public\Desktop\Avast Driver Updater.lnk
    2017-11-24 14:47 - 2017-11-24 14:47 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
    2017-11-24 14:47 - 2017-11-24 14:47 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Local\AVAST Software
    2017-11-24 14:47 - 2017-11-24 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater
    2017-11-24 14:47 - 2017-11-24 14:47 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater
    2017-11-16 17:41 - 2017-11-16 17:50 - 000160452 _____ C:\WINDOWS\ntbtlog.txt
    2017-11-16 17:41 - 2017-11-16 17:41 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
    2017-11-16 17:12 - 2017-11-16 17:12 - 000000000 ___HD C:\$AV_ASW
    2017-11-16 17:09 - 2017-11-16 17:09 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Local\DBG
    2017-11-15 22:02 - 2017-11-15 21:58 - 000183584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
    2017-11-15 22:01 - 2017-11-15 21:58 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2017-11-15 21:41 - 2017-11-15 21:41 - 000001228 _____ C:\Users\Public\Desktop\FIFA 17.lnk
    2017-11-15 21:41 - 2017-11-15 21:41 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
    2017-11-15 21:41 - 2017-11-15 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 17
    2017-11-15 20:00 - 2017-10-25 04:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2017-11-15 20:00 - 2017-10-25 04:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
    2017-11-15 20:00 - 2017-10-25 04:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2017-11-15 20:00 - 2017-10-25 03:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
    2017-11-15 20:00 - 2017-10-25 01:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2017-11-15 20:00 - 2017-10-24 23:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2017-11-15 20:00 - 2017-10-24 23:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2017-11-15 20:00 - 2017-10-24 23:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2017-11-15 20:00 - 2017-10-24 23:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2017-11-15 20:00 - 2017-10-24 23:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2017-11-15 20:00 - 2017-10-24 23:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2017-11-15 20:00 - 2017-10-24 22:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2017-11-15 20:00 - 2017-10-24 22:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2017-11-15 20:00 - 2017-10-24 22:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
    2017-11-15 20:00 - 2017-10-24 22:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2017-11-15 20:00 - 2017-10-24 22:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2017-11-15 20:00 - 2017-10-24 22:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2017-11-15 20:00 - 2017-10-24 22:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2017-11-15 20:00 - 2017-10-24 22:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2017-11-15 20:00 - 2017-10-24 22:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2017-11-15 20:00 - 2017-10-24 22:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
    2017-11-15 20:00 - 2017-10-24 22:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2017-11-15 20:00 - 2017-10-24 22:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2017-11-15 20:00 - 2017-10-24 22:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2017-11-15 20:00 - 2017-10-24 22:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2017-11-15 20:00 - 2017-10-24 22:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2017-11-15 20:00 - 2017-10-24 22:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2017-11-15 20:00 - 2017-10-24 22:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
    2017-11-15 20:00 - 2017-10-24 22:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2017-11-15 20:00 - 2017-10-24 22:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2017-11-15 20:00 - 2017-10-24 22:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2017-11-15 20:00 - 2017-10-24 22:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2017-11-15 20:00 - 2017-10-24 22:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2017-11-15 20:00 - 2017-10-24 21:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2017-11-15 20:00 - 2017-10-24 21:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2017-11-15 20:00 - 2017-10-24 21:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2017-11-15 20:00 - 2017-10-20 09:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
    2017-11-15 19:27 - 2017-10-25 03:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
    2017-11-15 19:27 - 2017-10-25 03:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
    2017-11-15 19:27 - 2017-10-24 23:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
    2017-11-15 19:27 - 2017-10-24 23:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2017-11-15 19:27 - 2017-10-24 23:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2017-11-15 19:27 - 2017-10-24 23:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
    2017-11-15 19:27 - 2017-10-24 23:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2017-11-15 19:27 - 2017-10-24 23:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
    2017-11-15 19:27 - 2017-10-24 23:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2017-11-15 19:27 - 2017-10-24 23:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2017-11-15 19:27 - 2017-10-24 23:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2017-11-15 19:27 - 2017-10-24 23:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2017-11-15 19:27 - 2017-10-24 23:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2017-11-15 19:27 - 2017-10-24 23:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2017-11-15 19:27 - 2017-10-24 23:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2017-11-15 19:27 - 2017-10-24 23:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
    2017-11-15 19:27 - 2017-10-24 23:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2017-11-15 19:27 - 2017-10-24 23:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2017-11-15 19:27 - 2017-10-24 23:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
    2017-11-15 19:27 - 2017-10-24 23:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
    2017-11-15 19:27 - 2017-10-24 23:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
    2017-11-15 19:27 - 2017-10-24 23:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
    2017-11-15 19:27 - 2017-10-24 23:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2017-11-15 19:27 - 2017-10-24 23:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2017-11-15 19:27 - 2017-10-24 23:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2017-11-15 19:27 - 2017-10-24 23:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
    2017-11-15 19:27 - 2017-10-24 23:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2017-11-15 19:27 - 2017-10-24 22:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2017-11-15 19:27 - 2017-10-24 22:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2017-11-15 19:27 - 2017-10-24 22:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2017-11-15 19:27 - 2017-10-24 22:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
    2017-11-15 19:27 - 2017-10-24 22:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2017-11-15 19:27 - 2017-10-24 22:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2017-11-15 19:27 - 2017-10-24 22:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
    2017-11-15 19:27 - 2017-10-24 22:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2017-11-15 19:27 - 2017-10-24 22:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
    2017-11-15 19:27 - 2017-10-24 22:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
    2017-11-15 19:27 - 2017-10-24 22:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2017-11-15 19:27 - 2017-10-24 22:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
    2017-11-15 19:27 - 2017-10-24 22:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
    2017-11-15 19:27 - 2017-10-24 22:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
    2017-11-15 19:27 - 2017-10-24 22:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
    2017-11-15 19:27 - 2017-10-24 22:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
    2017-11-15 19:27 - 2017-10-24 22:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2017-11-15 19:27 - 2017-10-24 22:12 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2017-11-15 19:27 - 2017-10-24 22:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2017-11-15 19:27 - 2017-10-24 22:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
    2017-11-15 19:27 - 2017-10-24 22:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
    2017-11-15 19:27 - 2017-10-24 22:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
    2017-11-15 19:27 - 2017-10-24 22:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2017-11-15 19:27 - 2017-10-24 22:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2017-11-15 19:27 - 2017-10-24 22:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2017-11-15 19:27 - 2017-10-24 22:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2017-11-15 19:27 - 2017-10-24 22:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2017-11-15 19:27 - 2017-10-24 22:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2017-11-15 19:27 - 2017-10-24 22:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
    2017-11-15 19:27 - 2017-10-24 22:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2017-11-15 19:27 - 2017-10-24 22:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2017-11-15 19:27 - 2017-10-24 22:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
    2017-11-15 19:27 - 2017-10-24 22:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2017-11-15 19:27 - 2017-10-24 22:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2017-11-15 19:27 - 2017-10-24 22:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
    2017-11-15 19:27 - 2017-10-24 22:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
    2017-11-15 19:27 - 2017-10-24 22:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
    2017-11-15 19:27 - 2017-10-24 22:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
    2017-11-15 19:27 - 2017-10-24 22:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
    2017-11-15 19:27 - 2017-10-24 22:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
    2017-11-15 19:27 - 2017-10-24 21:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2017-11-15 19:27 - 2017-10-24 21:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
    2017-11-15 19:27 - 2017-10-24 21:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2017-11-15 19:27 - 2017-10-24 21:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
    2017-11-15 19:27 - 2017-10-21 07:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
    2017-11-15 19:27 - 2017-10-20 00:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
    2017-11-15 19:26 - 2017-10-24 22:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
    2017-11-15 19:26 - 2017-10-24 22:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
    2017-11-15 19:26 - 2017-10-24 22:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2017-11-15 19:26 - 2017-10-24 22:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2017-11-15 19:26 - 2017-10-24 22:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
    2017-11-15 19:26 - 2017-10-24 21:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
    2017-11-15 13:54 - 2017-11-15 13:54 - 000002125 _____ C:\Users\Public\Desktop\FL Studio 12 (64bit).lnk
    2017-11-15 13:54 - 2017-11-15 13:54 - 000002109 _____ C:\Users\Public\Desktop\FL Studio 12.lnk
    2017-11-15 13:54 - 2017-11-15 13:54 - 000001215 _____ C:\Users\Ethan Hughes\Desktop\ASIO4ALL v2 Instruction Manual.lnk
    2017-11-15 13:54 - 2017-11-15 13:54 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
    2017-11-15 13:54 - 2017-11-15 13:54 - 000000000 ____D C:\Program Files\Common Files\VST2
    2017-11-15 13:54 - 2017-11-15 13:54 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
    2017-11-15 13:54 - 2017-11-15 13:54 - 000000000 ____D C:\Program Files (x86)\VstPlugins
    2017-11-15 13:54 - 2017-11-15 13:54 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
    2017-11-15 13:53 - 2017-11-15 13:53 - 000000000 ____D C:\Users\Ethan Hughes\Documents\Image-Line
    2017-11-15 13:53 - 2017-11-15 13:53 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
    2017-11-15 13:53 - 2017-11-15 13:53 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Roaming\Image-Line
    2017-11-15 13:53 - 2017-11-15 13:53 - 000000000 ____D C:\Program Files\Image-Line
    2017-11-15 13:52 - 2017-11-15 13:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
    2017-11-15 13:44 - 2017-11-15 13:54 - 000000000 ____D C:\Program Files (x86)\Image-Line
    2017-11-15 11:41 - 2017-11-15 11:57 - 702580464 _____ (Image-Line) C:\Users\Ethan Hughes\Downloads\flstudio_12.5.1.5.exe
    2017-11-14 00:23 - 2017-11-14 00:23 - 000003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
    2017-11-12 23:33 - 2017-11-11 07:56 - 000121304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
    2017-11-10 13:12 - 2017-12-02 21:43 - 000000000 ____D C:\WINDOWS\Minidump
    2017-11-10 00:24 - 2017-11-10 00:29 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
    2017-11-10 00:22 - 2017-11-10 00:24 - 000000000 ____D C:\WINDOWS\ServiceProfiles
    2017-11-10 00:22 - 2017-11-10 00:22 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
    2017-11-10 00:20 - 2017-11-10 00:20 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2017-11-10 00:20 - 2017-11-10 00:20 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2017-11-10 00:20 - 2017-11-10 00:20 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2017-11-10 00:20 - 2017-11-10 00:20 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2017-11-10 00:20 - 2017-11-10 00:20 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2017-11-10 00:20 - 2017-11-10 00:20 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2017-11-10 00:20 - 2017-11-10 00:20 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2017-11-10 00:20 - 2017-11-10 00:20 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2017-11-10 00:20 - 2017-11-10 00:20 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2017-11-10 00:20 - 2017-11-10 00:20 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2017-11-10 00:20 - 2017-11-10 00:20 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2017-11-10 00:20 - 2017-11-10 00:20 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
    2017-11-10 00:20 - 2017-11-10 00:20 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
    2017-11-10 00:20 - 2017-11-10 00:20 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
    2017-11-10 00:20 - 2017-11-10 00:20 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
    2017-11-10 00:20 - 2017-11-10 00:20 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
    2017-11-10 00:20 - 2017-11-10 00:20 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
    2017-11-10 00:17 - 2017-11-10 00:17 - 000000000 ____D C:\Program Files\Reference Assemblies
    2017-11-10 00:17 - 2017-11-10 00:17 - 000000000 ____D C:\Program Files\MSBuild
    2017-11-10 00:17 - 2017-11-10 00:17 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
    2017-11-10 00:17 - 2017-11-10 00:17 - 000000000 ____D C:\Program Files (x86)\MSBuild
    2017-11-10 00:16 - 2017-09-28 18:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2017-11-10 00:16 - 2017-09-28 18:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2017-11-10 00:16 - 2017-09-28 18:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2017-11-10 00:16 - 2017-09-22 21:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2017-11-10 00:16 - 2017-09-22 21:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2017-11-10 00:16 - 2017-09-22 21:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2017-11-09 22:05 - 2017-11-09 22:05 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
    2017-11-09 22:03 - 2017-11-09 22:03 - 000000000 ___HD C:\Users\Ethan Hughes\MicrosoftEdgeBackups
    2017-11-09 22:02 - 2017-11-09 22:02 - 000000020 ___SH C:\Users\Ethan Hughes\ntuser.ini
    2017-11-09 22:02 - 2017-11-09 22:02 - 000000000 ___RD C:\Users\Ethan Hughes\3D Objects
    2017-11-09 21:56 - 2017-11-09 21:56 - 000007623 _____ C:\WINDOWS\diagwrn.xml
    2017-11-09 21:56 - 2017-11-09 21:56 - 000007623 _____ C:\WINDOWS\diagerr.xml
    2017-11-09 21:55 - 2017-12-06 12:39 - 000004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6CF3C14E-5180-4E5F-B2EE-129596D100CD}
    2017-11-09 21:55 - 2017-12-06 12:37 - 000003506 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck
    2017-11-09 21:55 - 2017-12-06 00:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-11-09 21:55 - 2017-12-05 12:54 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2008701448-1604200778-1345039759-1001
    2017-11-09 21:55 - 2017-12-05 00:35 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
    2017-11-09 21:55 - 2017-11-15 12:17 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2017-11-09 21:55 - 2017-11-15 12:17 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2017-11-09 21:55 - 2017-11-14 00:17 - 000003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
    2017-11-09 21:55 - 2017-11-09 21:55 - 000004302 _____ C:\WINDOWS\System32\Tasks\Software Update Application
    2017-11-09 21:55 - 2017-11-09 21:55 - 000003852 _____ C:\WINDOWS\System32\Tasks\ACCAgent
    2017-11-09 21:55 - 2017-11-09 21:55 - 000003692 _____ C:\WINDOWS\System32\Tasks\AcerCMUpdateTask2.1.16258
    2017-11-09 21:55 - 2017-11-09 21:55 - 000003352 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1475440989
    2017-11-09 21:55 - 2017-11-09 21:55 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
    2017-11-09 21:55 - 2017-11-09 21:55 - 000002820 _____ C:\WINDOWS\System32\Tasks\ACC
    2017-11-09 21:55 - 2017-11-09 21:55 - 000002706 _____ C:\WINDOWS\System32\Tasks\UbtFrameworkService
    2017-11-09 21:55 - 2017-11-09 21:55 - 000002328 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
    2017-11-09 21:55 - 2017-11-09 21:55 - 000002316 _____ C:\WINDOWS\System32\Tasks\App Explorer
    2017-11-09 21:55 - 2017-11-09 21:55 - 000002256 _____ C:\WINDOWS\System32\Tasks\Power Button
    2017-11-09 21:55 - 2017-11-09 21:55 - 000002180 _____ C:\WINDOWS\System32\Tasks\Quick Access
    2017-11-09 21:55 - 2017-11-09 21:55 - 000002074 _____ C:\WINDOWS\System32\Tasks\FUBTrackingByPLD
    2017-11-09 21:55 - 2017-11-09 21:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
    2017-11-09 21:55 - 2017-11-09 21:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
    2017-11-09 21:55 - 2017-11-09 21:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
    2017-11-09 21:54 - 2017-12-06 01:03 - 001194770 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2017-11-09 21:44 - 2017-11-09 21:44 - 000000000 ____D C:\ProgramData\USOShared
    2017-11-09 21:40 - 2017-11-09 21:40 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2017-11-09 21:38 - 2017-12-06 13:01 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Local\Packages
    2017-11-09 21:37 - 2017-12-06 00:54 - 000000000 ____D C:\Users\Ethan Hughes
    2017-11-09 21:36 - 2017-09-29 08:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2017-11-09 21:36 - 2017-02-07 21:47 - 000122384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
    2017-11-09 21:36 - 2017-02-07 21:47 - 000113176 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
    2017-11-09 21:35 - 2017-11-09 21:35 - 000000000 ____D C:\WINDOWS\system32\IntelSSTAPO
    2017-11-09 21:33 - 2017-12-06 12:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-11-09 21:32 - 2017-11-15 20:56 - 000416104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2017-11-09 19:05 - 2017-11-10 00:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3
    2017-11-09 19:05 - 2017-11-09 19:05 - 000001483 _____ C:\Users\Public\Desktop\The Sims 3.lnk
    2017-11-09 19:05 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
    2017-11-09 19:05 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
    2017-11-08 20:51 - 2017-11-09 19:12 - 000000000 ____D C:\Users\Ethan Hughes\Documents\Electronic Arts
    2017-11-08 20:50 - 2017-11-15 17:26 - 000001427 _____ C:\Users\Public\Desktop\The Sims 4.lnk
    2017-11-08 20:50 - 2017-11-10 00:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
    2017-11-08 20:50 - 2017-11-08 20:50 - 000000000 ____D C:\ProgramData\Electronic Arts
    2017-11-08 20:50 - 2015-04-14 16:09 - 000447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
    2017-11-08 20:24 - 2017-11-15 21:23 - 000000000 ____D C:\Program Files (x86)\Origin Games
    2017-11-08 20:20 - 2017-11-22 17:07 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Roaming\Origin
    2017-11-08 20:12 - 2017-11-10 00:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
    2017-11-08 20:12 - 2017-11-08 20:12 - 000001070 _____ C:\Users\Public\Desktop\Origin.lnk
    2017-11-08 20:10 - 2017-11-16 18:32 - 000000000 ____D C:\Program Files (x86)\Origin
    2017-11-08 20:06 - 2017-11-18 14:30 - 000000000 ____D C:\ProgramData\Origin
    2017-11-08 20:06 - 2017-11-08 20:24 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Local\Origin
    2017-11-08 20:06 - 2017-11-08 20:06 - 000000000 ____D C:\Users\Ethan Hughes\.QtWebEngineProcess
    2017-11-08 20:06 - 2017-11-08 20:06 - 000000000 ____D C:\Users\Ethan Hughes\.Origin
    2017-11-08 20:05 - 2017-11-08 20:06 - 062397632 _____ (Electronic Arts) C:\Users\Ethan Hughes\Downloads\OriginThinSetup.exe
    2017-11-08 14:59 - 2017-11-09 21:58 - 000000000 ___DC C:\WINDOWS\Panther

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-12-06 13:18 - 2016-10-02 15:05 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Roaming\Spotify
    2017-12-06 13:01 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
    2017-12-06 13:01 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
    2017-12-06 12:37 - 2016-10-02 15:05 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Local\Spotify
    2017-12-06 01:26 - 2016-10-02 17:49 - 000000000 ____D C:\WINDOWS\system32\MRT
    2017-12-06 01:05 - 2017-10-16 14:21 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
    2017-12-06 01:05 - 2016-10-02 17:49 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-12-06 01:05 - 2016-10-02 14:43 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Local\Host App Service
    2017-12-06 01:03 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
    2017-12-06 00:57 - 2016-10-02 14:46 - 000000000 __SHD C:\Users\Ethan Hughes\IntelGraphicsProfiles
    2017-12-06 00:55 - 2017-09-29 03:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2017-12-05 13:07 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2017-12-05 13:05 - 2016-06-21 04:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
    2017-12-05 12:56 - 2016-11-02 12:34 - 000000000 ___RD C:\Users\Ethan Hughes\OneDrive for Business
    2017-12-05 12:54 - 2017-06-20 11:22 - 000002392 _____ C:\Users\Ethan Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2017-12-05 12:54 - 2016-10-02 14:51 - 000000000 ___RD C:\Users\Ethan Hughes\OneDrive
    2017-12-01 12:41 - 2016-10-20 14:08 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Local\CrashDumps
    2017-11-29 19:25 - 2017-01-30 13:53 - 000000000 ____D C:\Users\Ethan Hughes\Documents\Personal
    2017-11-29 19:16 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
    2017-11-29 14:27 - 2016-05-04 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
    2017-11-22 17:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2017-11-19 12:27 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
    2017-11-16 17:39 - 2017-01-31 10:15 - 000000000 ____D C:\Program Files (x86)\Steam
    2017-11-16 17:17 - 2017-09-29 03:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2017-11-15 22:02 - 2017-06-09 07:23 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
    2017-11-15 22:02 - 2016-10-02 15:40 - 000455376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
    2017-11-15 22:00 - 2016-10-02 15:39 - 000000000 ____D C:\ProgramData\AVAST Software
    2017-11-15 21:58 - 2016-10-02 15:40 - 000455384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.151080137653103
    2017-11-15 21:58 - 2016-10-02 15:40 - 000364464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
    2017-11-15 21:58 - 2016-10-02 15:40 - 000203976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
    2017-11-15 21:58 - 2016-10-02 15:40 - 000148288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
    2017-11-15 21:58 - 2016-10-02 15:40 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2017-11-15 21:58 - 2016-10-02 15:40 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
    2017-11-15 21:57 - 2016-10-02 15:40 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2017-11-15 21:53 - 2016-10-02 15:40 - 001026232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
    2017-11-15 21:52 - 2017-02-07 10:40 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
    2017-11-15 21:52 - 2017-02-07 10:40 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
    2017-11-15 21:52 - 2017-02-07 10:40 - 000198968 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
    2017-11-15 21:52 - 2017-02-07 10:40 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
    2017-11-15 21:40 - 2016-05-04 22:02 - 000000000 ____D C:\ProgramData\Package Cache
    2017-11-15 21:38 - 2016-05-04 22:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2017-11-15 20:53 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2017-11-15 20:53 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
    2017-11-15 20:53 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
    2017-11-15 20:53 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2017-11-15 20:53 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2017-11-15 20:53 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2017-11-15 20:53 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
    2017-11-15 20:01 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
    2017-11-14 00:23 - 2016-05-04 22:01 - 000000000 ____D C:\Program Files (x86)\Acer
    2017-11-14 00:20 - 2016-10-02 14:48 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Local\clear.fi
    2017-11-14 00:16 - 2016-05-04 22:46 - 000000000 ___HD C:\OEM
    2017-11-13 23:39 - 2016-10-02 15:02 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-11-13 23:39 - 2016-10-02 15:02 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2017-11-10 12:23 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\appcompat
    2017-11-10 00:32 - 2017-09-29 08:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2017-11-10 00:29 - 2017-09-29 08:49 - 000000000 ____D C:\WINDOWS\Setup
    2017-11-10 00:29 - 2017-09-29 08:46 - 000000000 __RHD C:\Users\Public\Libraries
    2017-11-10 00:29 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\spool
    2017-11-10 00:29 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF
    2017-11-10 00:29 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2017-11-10 00:29 - 2017-06-13 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2017-11-10 00:29 - 2017-05-23 14:10 - 000000000 ____D C:\Program Files\UNP
    2017-11-10 00:29 - 2017-01-31 10:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2017-11-10 00:29 - 2017-01-15 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Finale NotePad 2012
    2017-11-10 00:29 - 2016-10-26 17:21 - 000000000 ____D C:\Program Files\Intel
    2017-11-10 00:29 - 2016-10-02 14:41 - 000000000 ____D C:\WINDOWS\oem
    2017-11-10 00:29 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
    2017-11-10 00:29 - 2016-06-21 06:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
    2017-11-10 00:29 - 2016-06-21 06:07 - 000000000 ____D C:\WINDOWS\system32\ihvmanager
    2017-11-10 00:29 - 2016-06-21 04:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
    2017-11-10 00:29 - 2016-05-04 22:01 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2017-11-10 00:25 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\oobe
    2017-11-10 00:24 - 2016-10-26 17:19 - 000000000 ____D C:\Program Files\Realtek
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\yo-NG
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\wo-SN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\vi-VN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ur-PK
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ug-CN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tt-RU
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tk-TM
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ti-ET
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\te-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ta-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sw-KE
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sq-AL
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\si-LK
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\rw-RW
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\quz-PE
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\prs-AF
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\pa-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\or-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\nn-NO
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ne-NP
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mt-MT
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mr-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mn-MN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ml-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mk-MK
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\lo-LA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\lb-LU
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ky-KG
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kok-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kn-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\km-KH
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ka-GE
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\is-IS
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ig-NG
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\id-ID
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\hy-AM
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\gu-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\gd-GB
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ga-IE
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\fil-PH
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\fa-IR
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\cy-GB
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bn-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bn-BD
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\be-BY
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\as-IN
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\am-ET
    2017-11-10 00:21 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\af-ZA
    2017-11-09 22:03 - 2016-11-16 13:28 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Local\MicrosoftEdge
    2017-11-09 22:02 - 2016-10-26 17:50 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Local\ConnectedDevicesPlatform
    2017-11-09 22:02 - 2016-10-02 14:46 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Local\TileDataLayer
    2017-11-09 22:02 - 2016-02-13 08:20 - 000000000 __RHD C:\Users\Public\AccountPictures
    2017-11-09 21:57 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2017-11-09 21:56 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Registration
    2017-11-09 21:55 - 2016-10-26 17:40 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
    2017-11-09 21:45 - 2016-10-26 18:12 - 000000000 ____D C:\Users\Ethan Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
    2017-11-09 21:44 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\USOPrivate
    2017-11-09 21:40 - 2017-09-29 08:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2017-11-09 21:37 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
    2017-11-09 21:36 - 2016-10-26 17:21 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
    2017-11-09 21:35 - 2016-10-26 17:20 - 001540112 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
    2017-11-09 21:35 - 2016-10-26 17:20 - 000000000 ____D C:\WINDOWS\system32\DAX2
    2017-11-09 21:34 - 2016-10-26 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2017-11-08 14:46 - 2017-06-09 07:18 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
    2017-11-06 13:19 - 2017-10-02 12:17 - 000000000 ____D C:\Program Files\rempl

    Some files in TEMP:
    ====================
    2016-10-02 14:41 - 2016-10-02 14:42 - 058523032 _____ (SweetLabs,Inc.) C:\Users\defaultuser0\AppData\Local\Temp\oct289B.tmp.exe

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-11-27 21:18

    ==================== End of FRST.txt ============================
     
  2. EJHughes2392

    EJHughes2392 Thread Starter

    Joined:
    Dec 6, 2017
    Messages:
    2
    First Name:
    Ethan
    Here is the additional scan:

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2017
    Ran by Ethan Hughes (06-12-2017 13:26:14)
    Running from C:\Users\Ethan Hughes\Downloads
    Windows 10 Home Version 1709 16299.64 (X64) (2017-11-10 02:58:41)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2008701448-1604200778-1345039759-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-2008701448-1604200778-1345039759-503 - Limited - Disabled)
    Ethan Hughes (S-1-5-21-2008701448-1604200778-1345039759-1001 - Administrator - Enabled) => C:\Users\Ethan Hughes
    Guest (S-1-5-21-2008701448-1604200778-1345039759-501 - Limited - Disabled)
    WDAGUtilityAccount (S-1-5-21-2008701448-1604200778-1345039759-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
    abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
    Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
    Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
    Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3003 - Acer Incorporated)
    Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.01.3001 - Acer Incorporated)
    Amazon Assistant (HKLM-x32\...\{EDA2A064-F600-47BA-9EBA-58BE807BF6D2}) (Version: 10.17.0926 - Amazon) <==== ATTENTION
    AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
    App Explorer (HKU\S-1-5-21-2008701448-1604200778-1345039759-1001\...\Host App Service) (Version: 0.273.2.476 - SweetLabs)
    Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
    ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
    Avast Driver Updater (HKLM-x32\...\{06E0CADE-89B2-4EFD-B0AF-0DDCE4400E70}) (Version: 2.2.3 - AVAST Software) Hidden
    Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.2.3 - AVAST Software)
    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
    CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
    Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
    DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3013 - Acer Incorporated)
    FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.48.30259 - Electronic Arts)
    Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)
    FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
    FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
    Freedome VPN (source) (HKLM-x32\...\{83A4BF20-6745-437C-98D8-3C4B94D174EB}) (Version: 1.16.0612 - Acer)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
    Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation)
    Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
    Intel® Security Assist (HKLM-x32\...\{CCBE9F01-C2C3-469C-A508-2E23A7495E91}) (Version: 1.0.0.609 - Intel Corporation)
    iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
    Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8625.2139 - Microsoft Corporation)
    Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.8625.2139 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-2008701448-1604200778-1345039759-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Mozilla Firefox 56.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 en-US)) (Version: 56.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2139 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
    Origin (HKLM-x32\...\Origin) (Version: 10.5.6.6235 - Electronic Arts, Inc.)
    Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10299 - Qualcomm Atheros)
    Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.191 - Qualcomm Atheros)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7773 - Realtek Semiconductor Corp.)
    SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
    Spotify (HKU\S-1-5-21-2008701448-1604200778-1345039759-1001\...\Spotify) (Version: 1.0.68.407.g6864aaaf - Spotify AB)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
    The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.36.104.1020 - Electronic Arts Inc.)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{17515373-7495-4995-9089-B7D6DF455C38}) (Version: 2.6.0.0 - Microsoft Corporation)
    VirtualDJ 8 (HKLM-x32\...\{0EA0F8C9-7E82-4196-8B67-A42626194118}) (Version: 8.2.3456.0 - Atomix Productions)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
    ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
    ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-15] (AVAST Software)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-15] (AVAST Software)
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-15] (AVAST Software)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-15] (AVAST Software)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxDTCM.dll [2017-02-07] (Intel Corporation)
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-15] (AVAST Software)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {06CBE828-B60A-464B-AA6E-48694627D746} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-02] (Google Inc.)
    Task: {0F1F25F8-7715-4B0F-9567-3F602C616ADE} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2017-05-24] ()
    Task: {156174FF-0BBA-4B79-BFB6-FC222C4F0060} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-03-20] (Acer Incorporated)
    Task: {1D88610F-A18D-4233-BFC0-DDD1C0D56496} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
    Task: {290C4C65-1EA9-48A4-88EC-82031A6AB1DD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-08-14] (AVAST Software)
    Task: {3B125365-E1EF-4E7F-8431-9A9C20E61C0F} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-03-10] (Acer Incorporated)
    Task: {4E4CBBCC-F0E5-48D2-9D9C-200292E8FFE8} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-03-10] (Acer Incorporated)
    Task: {506CCE0D-0246-4180-91EE-46B3FC848281} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-15] (AVAST Software)
    Task: {549B7FAF-4891-4603-B2C9-472755E0F1D5} - System32\Tasks\SafeZone scheduled Autoupdate 1475440989 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
    Task: {65B0C647-3D5A-48F3-91F2-BE9F82BC9ABC} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-01-20] ()
    Task: {775466C5-E7C9-41AB-AB24-CB9F754192AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-02] (Google Inc.)
    Task: {7BBB146B-7ED3-47E7-8960-4B7A8E647985} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-03-10] (Acer Incorporated)
    Task: {7C2B7DF1-6732-4B62-A94C-7E0CDF12A0DF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-29] ()
    Task: {83E1EC89-6866-4956-AA89-A97A0EE66B22} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation)
    Task: {88A1E353-4F27-4893-8687-694D851152E3} - System32\Tasks\App Explorer => C:\Users\Ethan Hughes\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2017-11-20] (SweetLabs, Inc) <==== ATTENTION
    Task: {8AA589EA-356C-4284-903D-325565BCD81B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-01-14] (Intel(R) Corporation)
    Task: {A52D5828-3B08-4595-A94A-1498D09FC27A} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
    Task: {B4D32C25-71FF-4B18-A0A2-B0953E892BDF} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] ()
    Task: {CDDB08B6-CBDB-4E90-A18F-58E8990A45B3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
    Task: {D6036386-5AC6-496B-AE04-19A10731B3D8} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2017-10-02] (Acer)
    Task: {DC911A9F-8342-4A4E-B361-210CFF970748} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
    Task: {E1823288-ABD2-4F73-9023-D1FE6B62871B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {E8D41A8B-BC0B-48CF-A797-944D89EACB1E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-01] (Microsoft Corporation)
    Task: {E94A9A9F-3C59-4C1F-90CC-E398E79091B3} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [2017-09-27] (AVAST Software)
    Task: {EE69AFAA-A067-4244-B7D9-085CB7BC2F8E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-12-01] (Microsoft Corporation)
    Task: {EF2B7030-8BE8-4630-AECA-37BCF366E6AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-12-01] (Microsoft Corporation)
    Task: {F1770A8C-D9E4-4E62-ADEA-E0C75741AC14} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-29] ()
    Task: {F522DA47-E95E-4844-9B65-EBE5CED19100} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-22] (Microsoft Corporation)
    Task: {F53D4274-6AC2-4980-AB2E-6C572658FF32} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2017-05-24] ()

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    Shortcut: C:\Users\Ethan Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
    Shortcut: C:\Users\Ethan Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

    ==================== Loaded Modules (Whitelisted) ==============

    2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
    2015-12-02 17:37 - 2015-12-02 17:37 - 005570064 _____ () C:\WINDOWS\system32\IntelSSTAPO\ParameterService\libxml2-2.dll
    2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2017-05-08 23:44 - 2017-05-08 23:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2017-10-04 12:06 - 2017-10-04 12:06 - 000105136 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
    2016-10-02 15:29 - 2017-11-07 18:09 - 008931496 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
    2016-05-04 22:08 - 2015-05-08 12:41 - 000111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
    2017-09-29 08:42 - 2017-09-29 09:43 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2017-09-29 08:42 - 2017-09-29 09:43 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2017-11-15 21:53 - 2017-11-15 21:53 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
    2017-11-13 23:39 - 2017-11-10 04:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
    2017-11-13 23:39 - 2017-11-10 04:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
    2017-05-24 20:11 - 2017-05-24 20:11 - 004645168 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
    2017-11-30 13:19 - 2017-11-30 13:20 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    2017-11-30 13:19 - 2017-11-30 13:20 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
    2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
    2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
    2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
    2017-11-14 00:16 - 2017-11-14 00:16 - 000015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
    2017-03-20 14:24 - 2017-03-20 14:24 - 000013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
    2017-03-20 14:21 - 2017-03-20 14:21 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
    2017-10-02 14:56 - 2017-10-02 14:56 - 000202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
    2017-10-02 14:56 - 2017-10-02 14:56 - 000119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
    2017-12-05 12:53 - 2017-12-05 12:53 - 000102088 _____ () C:\Users\Ethan Hughes\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
    2017-11-15 21:53 - 2017-11-15 21:53 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2017-11-15 21:53 - 2017-11-15 21:53 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
    2017-11-15 21:55 - 2017-11-15 21:56 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2017-11-15 21:53 - 2017-11-15 21:53 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
    2017-11-15 21:53 - 2017-11-15 21:53 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
    2017-11-15 21:52 - 2017-11-15 21:52 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
    2016-02-11 19:47 - 2016-02-11 19:47 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2016-10-02 15:05 - 2017-11-25 00:44 - 068211824 _____ () C:\Users\Ethan Hughes\AppData\Roaming\Spotify\libcef.dll
    2016-10-02 15:05 - 2017-11-25 00:44 - 003110512 _____ () C:\Users\Ethan Hughes\AppData\Roaming\Spotify\libglesv2.dll
    2016-10-02 15:05 - 2017-11-25 00:44 - 000087152 _____ () C:\Users\Ethan Hughes\AppData\Roaming\Spotify\libegl.dll
    2016-10-02 15:26 - 2017-11-07 18:09 - 008930992 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\1033\GrooveIntlResource.dll
    2016-10-02 15:29 - 2017-12-01 04:23 - 001452728 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ClientTelemetry.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-2008701448-1604200778-1345039759-1001\...\sharepoint.com -> hxxps://wutigers-myfiles.sharepoint.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2015-10-30 02:24 - 2015-10-30 02:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2008701448-1604200778-1345039759-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ethan Hughes\Downloads\Flag_of_Cincinnati.svg.png
    DNS Servers: 136.227.1.10 - 136.227.1.11
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKU\S-1-5-21-2008701448-1604200778-1345039759-1001\...\StartupApproved\Run: => "Steam"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{22BB775B-BB31-47C4-8542-AE4C6F9414A4}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
    FirewallRules: [{C2AAC4C9-C70D-43DD-B584-3E50E8D18205}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
    FirewallRules: [{D8E74072-1126-4F95-8D4F-45EC6FC1B4B6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe
    FirewallRules: [{20821A04-9176-4D78-AF66-7346080DD27F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{1EC48AB6-1A4B-4C94-A414-0532FD32AAF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
    FirewallRules: [{DB4E6399-CFE5-4D4E-9BB0-EDD5CAC30F35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
    FirewallRules: [{BE8006F1-2BAB-471A-87BA-1536D85A4970}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{8A908535-D094-46FF-A05D-84B2C267D421}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{8AEBCE84-CB3E-4526-AC8D-9F9CE4E92B97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spore\SporeBin\SporeApp.exe
    FirewallRules: [{EC614104-6BB2-4F2B-892F-3D1F0537D323}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spore\SporeBin\SporeApp.exe
    FirewallRules: [{22BA3E5B-0D8C-4228-A31E-2C1F517BFD65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe
    FirewallRules: [{4B2ADADD-C3AC-44C1-8EAD-51F2664BF56D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe
    FirewallRules: [{6D5FAE70-E05A-46A2-9DB7-8942727215CE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{132B0616-130A-49E8-BAD8-CC3D6EFE4972}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{416C4B83-16F1-41FF-A5C7-CBC48BB0AA90}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{CF9C4258-A86F-4CEB-8D39-5105FD0CAD4D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{B27F4AF1-4639-497C-ABCC-7C8A1F09F07E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{FF3336F4-A972-4715-B130-8D09F2F4B6D6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{6E47E648-1BBC-420B-BBD4-707245726D3D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{6E938509-FE08-4DAD-A680-25EAB5BD9B39}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{8FE46E36-6097-46C9-B94D-04C3771C6564}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{A39A0342-6DFE-42C3-A648-76B724BF1BF3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{2D3CD0F4-EA05-400A-826E-A08212D9CA3A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
    FirewallRules: [{B3339414-F9A7-450A-97F2-F739D85297E3}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
    FirewallRules: [{CA7DB177-8790-411D-8BC7-CB1B6BF806FD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
    FirewallRules: [{1375A0AA-74D5-4730-B801-85A386BE5CB5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
    FirewallRules: [{3F5A4D9E-CB9B-4F94-882B-2FBE793FCC83}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
    FirewallRules: [{CF1D77F8-5C09-4F16-B39E-EF7FF7328110}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
    FirewallRules: [{539C7237-3AC4-40A8-9A7E-0D55345A6E27}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
    FirewallRules: [{1A4B3766-2131-47AE-BCC9-5301BDC6444B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
    FirewallRules: [{DDB1AAA5-267B-4C25-B086-4D306497AB15}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
    FirewallRules: [{93192B3B-2168-45B1-BA04-7EEE80B4D42F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
    FirewallRules: [{B17CE905-2CA3-4F74-985F-D6D49D8C9B38}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
    FirewallRules: [{EFF44C21-37BC-44AB-8388-E0DB357C9CB7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
    FirewallRules: [{1A8D5D81-E56A-41DA-ADC4-EF08661352D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{8A1F2DD3-7B02-4C39-B0D2-3174AE7715D6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{3AB2E93A-4ABF-43FA-BD9E-8E7F1B8FA76E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{798F9B8A-5658-4227-B43B-7237FE9FB1A6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{5411C2AC-0E76-48FD-ACBE-72F7A923E5A6}C:\users\ethan hughes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ethan hughes\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{CEA65999-C46D-475C-89E9-250058C3B798}C:\users\ethan hughes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ethan hughes\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{64642017-3E71-4F4E-90DE-624386FED63F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{ED7F0133-C754-46A2-8270-792E07278ADE}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
    FirewallRules: [{7EBC514A-EEAE-4FCE-B889-ED21D780A4EA}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
    FirewallRules: [{C286D835-CD83-49A2-8D94-0B0741651517}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
    FirewallRules: [{0298D661-56EF-4AEB-885E-475904252A14}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
    FirewallRules: [{7584E93F-5E9E-4051-B064-5C409C834A6A}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe
    FirewallRules: [{80CEC651-C60A-4ED9-9377-798C3A72A4FF}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe

    ==================== Restore Points =========================

    06-12-2017 01:03:55 Windows Update

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/06/2017 01:18:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 80453

    Error: (12/06/2017 01:18:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 80453

    Error: (12/06/2017 01:18:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/06/2017 01:17:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 5672

    Error: (12/06/2017 01:17:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 5672

    Error: (12/06/2017 01:17:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/06/2017 01:17:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4594

    Error: (12/06/2017 01:17:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 4594

    Error: (12/06/2017 01:17:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/06/2017 01:17:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3500


    System errors:
    =============
    Error: (12/06/2017 12:39:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (12/06/2017 12:37:40 PM) (Source: DCOM) (EventID: 10016) (User: HUGHES)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user HUGHES\Ethan Hughes SID (S-1-5-21-2008701448-1604200778-1345039759-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (12/06/2017 01:11:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (12/06/2017 01:02:05 AM) (Source: DCOM) (EventID: 10016) (User: HUGHES)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user HUGHES\Ethan Hughes SID (S-1-5-21-2008701448-1604200778-1345039759-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (12/06/2017 01:02:00 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Delivery Optimization service hung on starting.

    Error: (12/06/2017 12:59:58 AM) (Source: DCOM) (EventID: 10016) (User: HUGHES)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user HUGHES\Ethan Hughes SID (S-1-5-21-2008701448-1604200778-1345039759-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (12/06/2017 12:57:55 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.

    Error: (12/06/2017 12:57:24 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.

    Error: (12/06/2017 12:57:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (12/06/2017 12:57:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the FontCache3.0.0.0 service to connect.


    CodeIntegrity:
    ===================================
    Date: 2017-12-06 13:18:29.948
    Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-12-06 13:18:29.947
    Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-12-06 13:18:29.793
    Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-12-06 13:18:29.791
    Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-12-06 13:18:29.297
    Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-12-06 13:18:29.294
    Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-12-06 13:18:29.260
    Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-12-06 13:18:29.259
    Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-12-06 13:18:24.508
    Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-12-06 13:18:24.499
    Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
    Percentage of memory in use: 78%
    Total physical RAM: 3969.9 MB
    Available physical RAM: 871.91 MB
    Total Virtual: 7169.9 MB
    Available Virtual: 2964.78 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:812.75 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: 97C9FAD4)

    Partition: GPT.

    ==================== End of Addition.txt ============================

    If I could get some help in easy to follow steps, it would be super appreciated! I'm just trying to get through finals week!

    Best,

    Ethan
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1200691

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice