Results 1 to 10 of 10
  1. #1
    Member
    Join Date
    Oct 2006
    Location
    PA
    Posts
    63
    Points
    0

    Default Very slow computer that freezes

    I'm having problems with my computer.When I scroll through pages like yahoo,and facebook it will eventually slow down to the point where I have to close out,and restart my browser.Here's my logs:

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 01/27/2018 at 01:13 AM

    Application Version : 6.0.1254
    Database Version : 14336

    Scan type : Complete Scan
    Total Scan Time : 00:19:12

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 650
    Memory items detected : 0
    Registry items scanned : 49534
    Registry items detected : 0
    File items scanned : 22048
    File items detected : 246

    Adware.Tracking Cookie
    .abmr.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adsensecustomsearchads.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adgrx.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adgrx.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .tribalfusion.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    sundaysky-partners.tremorhub.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    tag.crsspxl.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    Dead End [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .btrll.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .ads.linkedin.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .connexity.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .scorecardresearch.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .hlserve.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .dotomi.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .mathtag.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .nexage.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    match.rundsp.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    match.rundsp.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .tealiumiq.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adsrvr.org [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adsrvr.org [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .tapad.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .tapad.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .tapad.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adsymptotic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .storygize.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .scorecardresearch.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .scorecardresearch.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .contextweb.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .truoptik.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .crwdcntrl.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .crwdcntrl.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .crwdcntrl.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .crwdcntrl.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .krxd.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    i.liadm.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .lijit.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .1rx.io [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .sitescout.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .afy11.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .agkn.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adaptv.advertising.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adentifi.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .dmtry.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .acuityplatform.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .bidr.io [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .bluekai.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .bluekai.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .ojrq.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adhigh.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .s.thebrighttag.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    s.thebrighttag.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .s.thebrighttag.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .s.thebrighttag.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .s.thebrighttag.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .s.thebrighttag.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .s.thebrighttag.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .s.thebrighttag.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .bidswitch.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    recs.richrelevance.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .basebanner.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .ctnsnet.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .dotomi.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .rlcdn.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .rkdms.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .ipredictive.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .demdex.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .demdex.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pippio.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pippio.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .dpm.demdex.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .dotomi.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .dyntrk.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .eyereturn.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .everesttech.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .everesttech.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .everesttech.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .everesttech.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .netmng.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .extend.tv [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .turn.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adhigh.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .hlserve.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .hlserve.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .openx.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    io.narrative.io [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .geo-um.btrll.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .liadm.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    rp.liadm.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .lijit.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .lijit.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .mediawallahscript.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .w55c.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .w55c.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .w55c.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .w55c.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .mathtag.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .addthis.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .richrelevance.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .mxptint.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    recs.richrelevance.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pippio.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .outbrain.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .ctnsnet.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    recs.richrelevance.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .owneriq.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .mediawallahscript.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .contextweb.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .cw.addthis.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .owneriq.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    recs.richrelevance.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adhigh.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    recs.richrelevance.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .pippio.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .gwallet.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .gwallet.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .rlcdn.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adaptv.advertising.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .rlcdn.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .bnmla.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .bnmla.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .bnmla.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .bnmla.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    recs.richrelevance.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .rkdms.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .owneriq.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .skimresources.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .skimresources.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .skimresources.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .skimresources.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .sitescout.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .sundaysky.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .sundaysky.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .sundaysky.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .contextweb.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .taboola.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .tidaltv.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .taboola.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .taboola.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .taboola.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    trc.taboola.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    trc.taboola.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    trc.taboola.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    trc.taboola.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .taboola.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .tidaltv.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    dmp.truoptik.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    dmp.truoptik.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    dmp.truoptik.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .bidswitch.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .creative-serving.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    p.liadm.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .bidswitch.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .creative-serving.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    p.liadm.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .tremorhub.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .agkn.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    recs.richrelevance.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .addthis.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adform.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .criteo.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .simpli.fi [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .turn.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .univide.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .mathtag.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .mathtag.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .gumgum.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    rel.webcollage.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    rel.webcollage.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .w55c.net [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .yieldmo.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]
    .zemanta.com [ C:\USERS\LOLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6ZOD407B.DEFAULT-1399124769007\COOKIES.SQLITE ]

    ============
    End of Log
    ============



    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 1:51:20 AM, on 1/27/2018
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.18894)

    FIREFOX: 58.0 (x86 en-US)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Users\LOLA\Downloads\HijackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=yset_ie_sy...ype=orcl_hpset
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?ilc=8
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    O4 - HKLM\..\Run: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
    O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - Startup: Monitor Ink Alerts - HP Deskjet 2540 series.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Upload to Facebook - C:\Program Files (x86)\FaceOffMax\share\iecontext.htm
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
    O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
    O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
    O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
    O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    O23 - Service: HP Touchpoint Analytics (HPTouchpointAnalyticsService) - HP Inc. - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 12000 bytes




    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 1/27/18
    Scan Time: 1:15 AM
    Log File: 72d2243a-0329-11e8-b90b-38607777b512.json
    Administrator: Yes

    -Software Information-
    Version: 3.3.1.2183
    Components Version: 1.0.262
    Update Package Version: 1.0.3796
    License: Free

    -System Information-
    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: ANNIERYAN\LOLA

    -Scan Summary-
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 263210
    Threats Detected: 0
    (No malicious items detected)
    Threats Quarantined: 0
    (No malicious items detected)
    Time Elapsed: 12 min, 4 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Warn
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 0
    (No malicious items detected)

    Physical Sector: 0
    (No malicious items detected)


    (end)

  2. #2
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi ry7577,

    I do apologize for the delay in responding.

    I don't see anything in the above scan logs that indicate this is a malware infestation so let's run a couple more scans that will provide deeper insight into the registry/file system.

    Please do as follows:

    Download AdwCleaner from here. Save the file to the desktop.

    NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

    Close all open windows and browsers.
    • XP users: Double click the AdwCleaner icon to start the program.
    • Vista/7/8/10 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    • Click the Scan button and wait for the scan to finish.
    • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
    • Click the Clean button.
    • Everything checked will be moved to Quarantine.
    • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this.
    • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt


    Next:

    Please download Farbar Recovery Scan Tool and save it to your desktop. <<< Very Important!

    Note: You will need to chose the 64-bit version for your computer.

    • Make sure that FRST is on the desktop of the infected system
    • Right click and choose Run as administrator. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates a second log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


    In your next reply, please include the following logs:

    C:\AdwCleaner\AdwCleaner[C0].txt
    FRST.txt
    Addition.txt


    Thank you,
    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  3. #3
    Member
    Join Date
    Oct 2006
    Location
    PA
    Posts
    63
    Points
    0

    Default

    # AdwCleaner 7.0.7.0 - Logfile created on Sun Jan 28 06:36:37 2018
    # Updated on 2018/18/01 by Malwarebytes
    # Database: 01-26-2018.4
    # Running on Windows 7 Home Premium (X64)
    # Mode: scan
    # Support: https://www.malwarebytes.com/support

    ***** [ Services ] *****

    No malicious services found.

    ***** [ Folders ] *****

    No malicious folders found.

    ***** [ Files ] *****

    No malicious files found.

    ***** [ DLL ] *****

    No malicious DLLs found.

    ***** [ WMI ] *****

    No malicious WMI found.

    ***** [ Shortcuts ] *****

    No malicious shortcuts found.

    ***** [ Tasks ] *****

    No malicious tasks found.

    ***** [ Registry ] *****

    No malicious registry entries found.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries.

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries.

    *************************

    C:/AdwCleaner/AdwCleaner[C0].txt - [2801 B] - [2017/12/18 18:1:39]
    C:/AdwCleaner/AdwCleaner[S0].txt - [7092 B] - [2013/12/27 0:0:54]
    C:/AdwCleaner/AdwCleaner[S1].txt - [2863 B] - [2017/12/18 18:1:24]
    C:/AdwCleaner/AdwCleaner[S2].txt - [1155 B] - [2017/12/23 0:21:38]


    ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########



    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
    Ran by LOLA (administrator) on ANNIERYAN (28-01-2018 01:52:10)
    Running from C:\Users\LOLA\Desktop
    Loaded Profiles: LOLA (Available Profiles: LOLA)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
    (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    (Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (HP Inc.) C:\Program Files\hp\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    (Malwarebytes) C:\Users\LOLA\Downloads\adwcleaner_7.0.7.0.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2017-12-21] (AVAST Software)
    HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2017-11-08] (PDF Complete Inc)
    Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKU\S-1-5-21-3271507604-324760026-559401053-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
    Startup: C:\Users\LOLA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2540 series.lnk [2017-11-14]
    ShortcutTarget: Monitor Ink Alerts - HP Deskjet 2540 series.lnk -> C:\Program Files\hp\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46
    Tcpip\..\Interfaces\{3EE9E074-80F9-4246-8A82-16CA52EF243E}: [DhcpNameServer] 208.59.247.45 208.59.247.46
    Tcpip\..\Interfaces\{7AEB7E5D-FBBC-4E8F-890F-5A588E3B219A}: [DhcpNameServer] 208.59.247.45 208.59.247.46

    Internet Explorer:
    ==================
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/?ilc=8
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com/?ilc=8
    HKU\S-1-5-21-3271507604-324760026-559401053-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
    HKU\S-1-5-21-3271507604-324760026-559401053-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
    HKU\S-1-5-21-3271507604-324760026-559401053-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2455} URL =
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
    SearchScopes: HKLM -> {35CB85C6-F815-46EE-8982-914E534A3B95} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope value is missing
    SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
    SearchScopes: HKU\S-1-5-21-3271507604-324760026-559401053-1000 -> DefaultScope {153C9155-48BB-426F-8758-0BD6D58F4FC6} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
    SearchScopes: HKU\S-1-5-21-3271507604-324760026-559401053-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-3271507604-324760026-559401053-1000 -> {153C9155-48BB-426F-8758-0BD6D58F4FC6} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
    SearchScopes: HKU\S-1-5-21-3271507604-324760026-559401053-1000 -> {5FF31B99-8E89-4EB7-89EC-AB44C6E66036} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-ydwnld
    SearchScopes: HKU\S-1-5-21-3271507604-324760026-559401053-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-09] (AVAST Software)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-09] (AVAST Software)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
    Toolbar: HKU\S-1-5-21-3271507604-324760026-559401053-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

    FireFox:
    ========
    FF DefaultProfile: 6zod407b.default-1399124769007
    FF ProfilePath: C:\Users\LOLA\AppData\Roaming\Mozilla\Firefox\Profiles\6zod407b.default-1399124769007 [2018-01-28]
    FF Homepage: Mozilla\Firefox\Profiles\6zod407b.default-1399124769007 -> www.yahoo.com/
    FF Extension: (Avast SafePrice) - C:\Users\LOLA\AppData\Roaming\Mozilla\Firefox\Profiles\6zod407b.default-1399124769007\Extensions\sp@avast.com.xpi [2017-12-05]
    FF Extension: (Avast Online Security) - C:\Users\LOLA\AppData\Roaming\Mozilla\Firefox\Profiles\6zod407b.default-1399124769007\Extensions\wrc@avast.com.xpi [2017-10-07]
    FF Extension: (Search Addon) - C:\Users\LOLA\AppData\Roaming\Mozilla\Firefox\Profiles\6zod407b.default-1399124769007\Extensions\{b8f584ce-4ddf-48dd-afc8-bc11eee4873d}.xpi [2017-05-24] [Legacy]
    FF Extension: (Adblock Plus) - C:\Users\LOLA\AppData\Roaming\Mozilla\Firefox\Profiles\6zod407b.default-1399124769007\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-13]
    FF Extension: (Default Full Zoom Level) - C:\Users\LOLA\AppData\Roaming\Mozilla\Firefox\Profiles\6zod407b.default-1399124769007\Extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D} [2016-02-04] [Legacy]
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-09] ()
    FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-06] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-09] ()
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2012-06-25] ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2012-10-19] (Coupons, Inc.)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR StartupUrls: Default -> "www.yahoo.com/?fr=fp-msgr&type="
    CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
    CHR DefaultSearchKeyword: Default -> yahoo.com
    CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
    CHR Profile: C:\Users\LOLA\AppData\Local\Google\Chrome\User Data\Default [2018-01-28]
    CHR Extension: (Avast SafePrice) - C:\Users\LOLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-10-28]
    CHR Extension: (Avast Online Security) - C:\Users\LOLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-28]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\LOLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-28]
    CHR Extension: (Chrome Media Router) - C:\Users\LOLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-16] (SUPERAntiSpyware.com)
    R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
    R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2017-12-21] (AVAST Software)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2017-12-21] (AVAST Software)
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
    R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
    R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1793088 2017-11-08] (PDF Complete Inc)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2017-12-21] (AVAST Software)
    R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2017-12-21] (AVAST Software)
    R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2017-12-21] (AVAST Software)
    R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2017-12-21] (AVAST Software)
    R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2017-12-21] (AVAST Software)
    R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [149344 2017-12-21] (AVAST Software)
    S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2017-12-21] (AVAST Software)
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-08-31] (AVAST Software)
    R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146648 2018-01-10] (AVAST Software)
    R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2017-12-21] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2017-12-21] (AVAST Software)
    R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2017-12-21] (AVAST Software)
    R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457896 2018-01-10] (AVAST Software)
    R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2017-12-21] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2017-12-21] (AVAST Software)
    R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-27] (Malwarebytes)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-02-15] (Apple, Inc.) [File not signed]
    U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-01-28 01:52 - 2018-01-28 01:54 - 000017453 _____ C:\Users\LOLA\Desktop\FRST.txt
    2018-01-28 01:49 - 2018-01-28 01:49 - 000001102 _____ C:\Users\LOLA\Downloads\FRST64 - Shortcut.lnk
    2018-01-28 01:34 - 2018-01-28 01:52 - 000000000 ____D C:\FRST
    2018-01-28 01:32 - 2018-01-28 01:32 - 008206624 _____ (Malwarebytes) C:\Users\LOLA\Downloads\adwcleaner_7.0.7.0.exe
    2018-01-28 01:32 - 2018-01-28 01:32 - 002393088 _____ (Farbar) C:\Users\LOLA\Desktop\FRST64.exe
    2018-01-08 20:15 - 2017-12-31 21:21 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2018-01-08 20:15 - 2017-12-31 21:21 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2018-01-08 20:15 - 2017-12-31 21:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2018-01-08 20:15 - 2017-12-31 21:21 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2018-01-08 20:15 - 2017-12-31 21:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
    2018-01-08 20:15 - 2017-12-31 21:21 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2018-01-08 20:15 - 2017-12-31 21:19 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2018-01-08 20:15 - 2017-12-31 21:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2018-01-08 20:15 - 2017-12-31 21:18 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2018-01-08 20:15 - 2017-12-31 21:18 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2018-01-08 20:15 - 2017-12-31 21:13 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2018-01-08 20:15 - 2017-12-31 21:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
    2018-01-08 20:15 - 2017-12-31 21:02 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2018-01-08 20:15 - 2017-12-31 21:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2018-01-08 20:15 - 2017-12-31 21:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2018-01-08 20:15 - 2017-12-31 21:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2018-01-08 20:15 - 2017-12-31 21:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2018-01-08 20:15 - 2017-12-31 21:00 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2018-01-08 20:15 - 2017-12-31 21:00 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2018-01-08 20:15 - 2017-12-31 21:00 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2018-01-08 20:15 - 2017-12-31 21:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
    2018-01-08 20:15 - 2017-12-31 21:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
    2018-01-08 20:15 - 2017-12-31 21:00 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2018-01-08 20:15 - 2017-12-31 21:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2018-01-08 20:15 - 2017-12-31 20:59 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2018-01-08 20:15 - 2017-12-31 20:59 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2018-01-08 20:15 - 2017-12-31 20:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
    2018-01-08 20:15 - 2017-12-31 20:54 - 004013800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2018-01-08 20:15 - 2017-12-31 20:54 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2018-01-08 20:15 - 2017-12-31 20:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2018-01-08 20:15 - 2017-12-31 20:42 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2018-01-08 20:15 - 2017-12-31 20:42 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2018-01-08 20:15 - 2017-12-31 20:42 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2018-01-08 20:15 - 2017-12-31 20:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2018-01-08 20:15 - 2017-12-30 02:29 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2018-01-08 20:15 - 2017-12-30 01:42 - 000347328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2018-01-08 20:15 - 2017-12-29 13:39 - 020274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2018-01-08 20:15 - 2017-12-29 13:13 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2018-01-08 20:15 - 2017-12-29 13:12 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2018-01-08 20:15 - 2017-12-29 13:09 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2018-01-08 20:15 - 2017-12-29 13:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2018-01-08 20:15 - 2017-12-29 13:03 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2018-01-08 20:15 - 2017-12-29 12:45 - 004508160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2018-01-08 20:15 - 2017-12-29 12:38 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2018-01-08 20:15 - 2017-12-29 12:38 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2018-01-08 20:15 - 2017-12-29 12:37 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2018-01-08 20:15 - 2017-12-29 12:36 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2018-01-08 20:15 - 2017-12-29 12:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2018-01-08 20:15 - 2017-12-29 12:15 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2018-01-08 20:15 - 2017-12-29 04:15 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2018-01-08 20:15 - 2017-12-29 03:52 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2018-01-08 20:15 - 2017-12-29 03:51 - 005796352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2018-01-08 20:15 - 2017-12-29 03:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2018-01-08 20:15 - 2017-12-29 03:50 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2018-01-08 20:15 - 2017-12-29 03:40 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2018-01-08 20:15 - 2017-12-29 03:39 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2018-01-08 20:15 - 2017-12-29 03:39 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2018-01-08 20:15 - 2017-12-29 03:32 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2018-01-08 20:15 - 2017-12-29 03:04 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2018-01-08 20:15 - 2017-12-29 03:03 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2018-01-08 20:15 - 2017-12-29 03:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2018-01-08 20:15 - 2017-12-29 03:01 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2018-01-08 20:15 - 2017-12-29 02:50 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2018-01-08 20:15 - 2017-12-29 02:39 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2018-01-08 20:15 - 2017-12-29 02:27 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2018-01-08 20:15 - 2017-12-21 01:27 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2018-01-08 20:15 - 2017-12-13 11:31 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2018-01-08 20:15 - 2017-12-13 11:15 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2018-01-08 20:14 - 2017-12-31 21:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
    2018-01-08 20:14 - 2017-12-31 21:21 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2018-01-08 20:14 - 2017-12-31 21:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2018-01-08 20:14 - 2017-12-31 21:21 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2018-01-08 20:14 - 2017-12-31 21:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
    2018-01-08 20:14 - 2017-12-31 21:18 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
    2018-01-08 20:14 - 2017-12-31 21:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
    2018-01-08 20:14 - 2017-12-31 21:18 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 21:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
    2018-01-08 20:14 - 2017-12-31 21:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
    2018-01-08 20:14 - 2017-12-31 21:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2018-01-08 20:14 - 2017-12-31 21:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
    2018-01-08 20:14 - 2017-12-31 20:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
    2018-01-08 20:14 - 2017-12-31 20:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
    2018-01-08 20:14 - 2017-12-31 20:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
    2018-01-08 20:14 - 2017-12-31 20:54 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
    2018-01-08 20:14 - 2017-12-31 20:49 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2018-01-08 20:14 - 2017-12-31 20:49 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2018-01-08 20:14 - 2017-12-31 20:49 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2018-01-08 20:14 - 2017-12-31 20:49 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2018-01-08 20:14 - 2017-12-31 20:46 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2018-01-08 20:14 - 2017-12-31 20:45 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2018-01-08 20:14 - 2017-12-31 20:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
    2018-01-08 20:14 - 2017-12-31 20:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
    2018-01-08 20:14 - 2017-12-31 20:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
    2018-01-08 20:14 - 2017-12-31 20:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
    2018-01-08 20:14 - 2017-12-31 20:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
    2018-01-08 20:14 - 2017-12-31 20:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
    2018-01-08 20:14 - 2017-12-31 20:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
    2018-01-08 20:14 - 2017-12-31 20:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
    2018-01-08 20:14 - 2017-12-31 20:42 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2018-01-08 20:14 - 2017-12-31 20:41 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2018-01-08 20:14 - 2017-12-31 20:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2018-01-08 20:14 - 2017-12-31 20:41 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2018-01-08 20:14 - 2017-12-31 20:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
    2018-01-08 20:14 - 2017-12-31 20:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2018-01-08 20:14 - 2017-12-31 20:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
    2018-01-08 20:14 - 2017-12-31 20:39 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2018-01-08 20:14 - 2017-12-31 20:36 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2018-01-08 20:14 - 2017-12-31 20:36 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2018-01-08 20:14 - 2017-12-31 20:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2018-01-08 20:14 - 2017-12-31 20:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2018-01-08 20:14 - 2017-12-31 20:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2018-01-08 20:14 - 2017-12-31 20:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-31 20:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2018-01-08 20:14 - 2017-12-29 13:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2018-01-08 20:14 - 2017-12-29 13:13 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2018-01-08 20:14 - 2017-12-29 13:12 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2018-01-08 20:14 - 2017-12-29 13:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2018-01-08 20:14 - 2017-12-29 13:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2018-01-08 20:14 - 2017-12-29 13:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2018-01-08 20:14 - 2017-12-29 13:03 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2018-01-08 20:14 - 2017-12-29 13:03 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2018-01-08 20:14 - 2017-12-29 12:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2018-01-08 20:14 - 2017-12-29 12:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2018-01-08 20:14 - 2017-12-29 12:50 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2018-01-08 20:14 - 2017-12-29 12:50 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2018-01-08 20:14 - 2017-12-29 12:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2018-01-08 20:14 - 2017-12-29 12:47 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2018-01-08 20:14 - 2017-12-29 12:46 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2018-01-08 20:14 - 2017-12-29 12:44 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2018-01-08 20:14 - 2017-12-29 12:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2018-01-08 20:14 - 2017-12-29 12:13 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2018-01-08 20:14 - 2017-12-29 04:04 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2018-01-08 20:14 - 2017-12-29 04:04 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2018-01-08 20:14 - 2017-12-29 03:51 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2018-01-08 20:14 - 2017-12-29 03:50 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2018-01-08 20:14 - 2017-12-29 03:50 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2018-01-08 20:14 - 2017-12-29 03:44 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2018-01-08 20:14 - 2017-12-29 03:43 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2018-01-08 20:14 - 2017-12-29 03:39 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2018-01-08 20:14 - 2017-12-29 03:39 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2018-01-08 20:14 - 2017-12-29 03:28 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2018-01-08 20:14 - 2017-12-29 03:22 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2018-01-08 20:14 - 2017-12-29 03:22 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2018-01-08 20:14 - 2017-12-29 03:21 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2018-01-08 20:14 - 2017-12-29 03:18 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2018-01-08 20:14 - 2017-12-29 03:18 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2018-01-08 20:14 - 2017-12-29 03:16 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2018-01-08 20:14 - 2017-12-29 03:14 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2018-01-08 20:14 - 2017-12-29 03:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2018-01-08 20:14 - 2017-12-29 03:03 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2018-01-08 20:14 - 2017-12-13 11:27 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2018-01-08 20:14 - 2017-12-13 11:27 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2018-01-08 20:14 - 2017-12-13 11:27 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2018-01-08 20:14 - 2017-12-13 11:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2018-01-08 20:14 - 2017-12-13 11:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2018-01-08 20:14 - 2017-12-13 11:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2018-01-08 20:14 - 2017-12-13 11:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2018-01-08 20:14 - 2017-12-13 10:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2018-01-08 20:14 - 2017-12-05 12:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
    2018-01-08 20:14 - 2017-12-05 12:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
    2018-01-08 20:14 - 2017-12-05 12:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
    2018-01-08 20:14 - 2017-12-05 12:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
    2018-01-08 20:14 - 2017-12-05 12:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
    2018-01-08 20:14 - 2017-12-05 10:59 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2018-01-08 20:14 - 2017-12-05 10:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-01-28 01:52 - 2016-11-15 20:33 - 000000000 ____D C:\Users\LOLA\AppData\LocalLow\Mozilla
    2018-01-28 01:36 - 2013-12-24 17:19 - 000000000 ____D C:\AdwCleaner
    2018-01-27 15:07 - 2009-07-13 23:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2018-01-27 15:07 - 2009-07-13 23:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2018-01-27 14:24 - 2016-04-26 13:12 - 000003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForLOLA
    2018-01-27 14:24 - 2016-04-26 13:12 - 000000328 _____ C:\Windows\Tasks\HPCeeScheduleForLOLA.job
    2018-01-27 04:45 - 2012-02-05 22:23 - 000000000 ____D C:\Users\LOLA\AppData\Local\CrashDumps
    2018-01-27 00:52 - 2009-07-14 00:13 - 000006214 _____ C:\Windows\system32\PerfStringBackup.INI
    2018-01-27 00:45 - 2017-12-22 19:16 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2018-01-27 00:45 - 2011-10-05 15:49 - 000000000 ____D C:\ProgramData\PDFC
    2018-01-27 00:45 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2018-01-27 00:44 - 2016-09-21 07:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2018-01-27 00:44 - 2015-12-25 23:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2018-01-27 00:44 - 2013-06-16 11:32 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
    2018-01-21 01:32 - 2017-03-18 10:42 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
    2018-01-10 12:30 - 2012-01-30 22:43 - 000457896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2018-01-10 12:30 - 2012-01-30 22:43 - 000146648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2018-01-10 03:33 - 2013-08-15 02:01 - 000000000 ____D C:\Windows\system32\MRT
    2018-01-10 03:24 - 2017-10-11 02:16 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
    2018-01-10 03:24 - 2012-01-31 08:16 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2018-01-09 04:27 - 2012-04-12 06:28 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2018-01-09 04:27 - 2012-04-12 06:28 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2018-01-09 04:27 - 2012-02-25 01:08 - 000000000 ____D C:\Windows\system32\Macromed
    2018-01-09 04:27 - 2011-10-05 15:48 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2018-01-09 04:27 - 2011-10-05 15:48 - 000000000 ____D C:\Windows\SysWOW64\Macromed
    2018-01-09 04:21 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
    2018-01-09 03:31 - 2017-10-08 16:20 - 000346616 _____ C:\Windows\system32\FNTCACHE.DAT
    2018-01-09 03:26 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
    2018-01-07 19:09 - 2014-12-18 18:24 - 000000000 ____D C:\Users\LOLA\Documents\CHRISTMAS
    2018-01-06 13:14 - 2013-10-28 21:32 - 000012452 _____ C:\Users\LOLA\Documents\Household Bills.xlsx
    2018-01-04 16:30 - 2017-10-04 12:06 - 000002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-01-04 16:30 - 2017-10-04 12:06 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2017-12-30 02:13 - 2012-02-06 21:36 - 000003220 _____ C:\Windows\System32\Tasks\HPCeeScheduleForANNIERYAN$
    2017-12-30 02:13 - 2012-02-06 21:36 - 000000344 _____ C:\Windows\Tasks\HPCeeScheduleForANNIERYAN$.job

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2018-01-18 12:53

    ==================== End of FRST.txt ============================
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
    Ran by LOLA (28-01-2018 01:55:11)
    Running from C:\Users\LOLA\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) (2012-01-31 01:54:23)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3271507604-324760026-559401053-500 - Administrator - Disabled)
    Guest (S-1-5-21-3271507604-324760026-559401053-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3271507604-324760026-559401053-1024 - Limited - Enabled)
    LOLA (S-1-5-21-3271507604-324760026-559401053-1000 - Administrator - Enabled) => C:\Users\LOLA

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.01.513.58212 - ABBYY) Hidden
    ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
    Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
    Agatha Christie - Peril at End House (HKLM-x32\...\WTA-1e4f98af-bf84-4a91-99c3-3c093200b77e) (Version: 2.2.0.95 - WildTangent) Hidden
    ATI Catalyst Install Manager (HKLM\...\{F580D12E-01E5-31A6-A321-7C8E6D5361A5}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
    Bejeweled 3 (HKLM-x32\...\WTA-19204e79-76a7-4830-a59b-cec49132a453) (Version: 2.2.0.97 - WildTangent) Hidden
    Blackhawk Striker 2 (HKLM-x32\...\WTA-1dc0f1d0-2981-4bb3-b091-5fca969cb01a) (Version: 2.2.0.95 - WildTangent) Hidden
    Blasterball 3 (HKLM-x32\...\WTA-7c768f7e-a2a8-4720-9bf7-6217c90d3d78) (Version: 2.2.0.97 - WildTangent) Hidden
    Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
    Bounce Symphony (HKLM-x32\...\WTA-edfa777d-5f98-4006-9804-2dd3f8b4ec9b) (Version: 2.2.0.97 - WildTangent) Hidden
    Cake Mania (HKLM-x32\...\WTA-e0e7d02f-7a73-4abe-bd2a-170a0ab8ce54) (Version: 2.2.0.95 - WildTangent) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
    Chronicles of Albian (HKLM-x32\...\WTA-cdd2ce87-e7a2-40ff-b917-e0ef1b512f1f) (Version: 2.2.0.95 - WildTangent) Hidden
    Chuzzle Deluxe (HKLM-x32\...\WTA-112b7a13-4d20-4e52-a659-f072f699cf68) (Version: 2.2.0.95 - WildTangent) Hidden
    Cradle of Rome 2 (HKLM-x32\...\WTA-6f058f5d-e2aa-471f-86e3-238a03aa7013) (Version: 2.2.0.95 - WildTangent) Hidden
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
    Epson Download Navigator (HKLM-x32\...\{10F63395-157F-4B93-AB4D-702A2FF11942}) (Version: 1.0.1 - SEIKO EPSON CORPORATION)
    Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
    Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
    EPSON WorkForce 545 Series Printer Uninstall (HKLM\...\EPSON WorkForce 545 Series) (Version: - SEIKO EPSON Corporation)
    eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
    Farm Frenzy (HKLM-x32\...\WTA-efa6e61a-8509-44a0-87a7-45daa34c27d0) (Version: 2.2.0.95 - WildTangent) Hidden
    FATE (HKLM-x32\...\WTA-c23f70b8-b1a9-462e-85b1-cb722a0a4337) (Version: 2.2.0.97 - WildTangent) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
    Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-abf2b5ac-b72c-4f73-b458-e9e54f9fc7da) (Version: 2.2.0.95 - WildTangent) Hidden
    Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
    HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
    HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
    HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard Company)
    HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
    HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
    HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.5.37.19 - Hewlett-Packard Company)
    HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
    HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.8.47.1 - Hewlett-Packard Company)
    HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6349.0 - IDT)
    Jewel Quest: The Sleepless Star - Collector's Edition (HKLM-x32\...\WTA-75beba01-3a52-43e8-a842-ca5a2bffe8b9) (Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
    LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.) Hidden
    LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
    Logitech SetPoint 6.32 (HKLM\...\SP6) (Version: 6.32.20 - Logitech)
    LTCM Client (HKLM-x32\...\LTCM Client) (Version: - Leader Technologies Inc.)
    Mah Jong Medley (HKLM-x32\...\WTA-c577db3f-740d-4a79-aeb6-4bbcc64b334f) (Version: 2.2.0.95 - WildTangent) Hidden
    Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
    Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
    Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Mozilla Firefox 58.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 58.0 (x86 en-US)) (Version: 58.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Mystery of Mortlake Mansion (HKLM-x32\...\WTA-4e483ab8-16eb-4f5a-962d-58383061db04) (Version: 2.2.0.97 - WildTangent) Hidden
    Namco All-Stars: PAC-MAN (HKLM-x32\...\WTA-cc4cb482-00fc-4f21-b3ea-8b5e3c718e5a) (Version: 2.2.0.95 - WildTangent) Hidden
    PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.26 - PDF Complete, Inc)
    Penguins! (HKLM-x32\...\WTA-3bee82ba-7e72-46d2-b957-429db20f7089) (Version: 2.2.0.95 - WildTangent) Hidden
    Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-f972adc3-4bb2-4b7e-b71b-1c6f7e6a598b) (Version: 2.2.0.95 - WildTangent) Hidden
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
    Poker Superstars III (HKLM-x32\...\WTA-998b8a77-94f8-461a-9ca9-52263170de6b) (Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (HKLM-x32\...\WTA-643bbd38-7f83-4c2c-a54a-f770e2f12298) (Version: 2.2.0.97 - WildTangent) Hidden
    Polar Golfer (HKLM-x32\...\WTA-7b6a8760-582a-4805-b7af-4189eac3ebbd) (Version: 2.2.0.95 - WildTangent) Hidden
    Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.) Hidden
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.)
    PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 - NewspaperDirect Inc.)
    Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
    Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 4.0.3.0 - Ralink)
    Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.4320 - CyberLink Corp.) Hidden
    Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
    RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
    SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
    SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
    Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
    SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
    SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
    Samsung PC Studio 3 USB Driver Installer (HKLM-x32\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Slingo Supreme (HKLM-x32\...\WTA-27499896-ea9a-44d3-b9e8-739b7db5950d) (Version: 2.2.0.97 - WildTangent) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
    swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
    Vacation Quest - The Hawaiian Islands (HKLM-x32\...\WTA-ad53b415-d336-422b-b3e2-91f3a0eb3231) (Version: 2.2.0.97 - WildTangent) Hidden
    Virtual Villagers 5 - New Believers (HKLM-x32\...\WTA-834f43e8-cab7-4bae-8b80-b220627ad804) (Version: 2.2.0.97 - WildTangent) Hidden
    WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.36 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
    Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
    Zuma Deluxe (HKLM-x32\...\WTA-95710b7f-0321-4544-91c0-41f1d2f1bf9f) (Version: 2.2.0.95 - WildTangent) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
    ContextMenuHandlers3: [LinkUpMenuExt] -> {B793E5EA-5344-488E-B98D-A18E2E5938AB} => C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\LinkUpExt64.dll [2011-05-05] (Hewlett-Packard)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-07-04] (Advanced Micro Devices, Inc.)
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {00EAA90D-FE39-446D-8687-3D405190C694} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
    Task: {0840A933-160F-4B0E-8B39-018AD67E0C00} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
    Task: {08B24748-49EE-4CA4-849F-97CB183517D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-01-10] (HP Inc.)
    Task: {39788D72-6EDA-4CD6-B339-5F0D48B34F72} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
    Task: {3B5BA6D0-4925-48E2-96BD-66A029DDB7F6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-21] ()
    Task: {4DE2EA65-27B2-4592-A015-252041F8584E} - System32\Tasks\SafeZone scheduled Autoupdate 1458680315 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
    Task: {5032B262-9CE0-488B-A06D-359976061884} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
    Task: {6FF3F5FE-443C-4120-BB70-EC725630F2C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
    Task: {97D7A377-F758-4746-9776-75B38B0E95E8} - System32\Tasks\HPCeeScheduleForLOLA => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
    Task: {AA01E05D-0D6D-4546-BD32-04CD46E9B930} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-21] (AVAST Software)
    Task: {B6DB13FA-CA4F-4FA2-A631-BA943B4FAC3F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated)
    Task: {B7A41F37-FE04-4A27-BDDA-4098CB922FCC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-04] (Google Inc.)
    Task: {C521FC43-431C-4BAB-A845-3215780016DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
    Task: {CF85C169-B4F5-453C-A3B6-AA9E21D56C6F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
    Task: {D030DB4B-B535-4D9A-BF0D-65EA72BE6098} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-04] (Google Inc.)
    Task: {E7E45BDE-0556-4F43-9A9F-9E4E2C806F9B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-08] (AVAST Software)
    Task: {F432884B-44D5-41F7-A952-F0FF8B71EB16} - System32\Tasks\HPCeeScheduleForANNIERYAN$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
    Task: {FD3FBBAB-2632-4BBF-9955-5394B0AD9DC8} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\HPCeeScheduleForANNIERYAN$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForLOLA.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ==================== Loaded Modules (Whitelisted) ==============

    2017-12-22 19:15 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
    2017-12-21 12:29 - 2017-12-21 12:29 - 000067920 _____ () c:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
    2017-12-21 12:29 - 2017-12-21 12:29 - 000067984 _____ () C:\Program Files\AVAST Software\Avast\x64\dll_loader.dll
    2017-12-21 12:28 - 2017-12-21 12:28 - 000236840 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
    2017-12-21 12:29 - 2017-12-21 12:29 - 000902824 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
    2017-12-21 12:29 - 2017-12-21 12:29 - 000349568 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
    2017-12-21 12:29 - 2017-12-21 12:29 - 000337096 _____ () C:\Program Files\AVAST Software\Avast\x64\tasks_core.dll
    2017-12-21 12:29 - 2017-12-21 12:29 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
    2017-12-21 12:29 - 2017-12-21 12:29 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
    2017-12-21 12:29 - 2017-12-21 12:29 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2017-12-21 12:29 - 2017-12-21 12:29 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
    2017-12-21 12:29 - 2017-12-21 12:29 - 000196248 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
    2018-01-26 15:20 - 2018-01-26 15:20 - 005779088 _____ () C:\Program Files\AVAST Software\Avast\defs\18012606\algo.dll
    2017-12-21 12:29 - 2017-12-21 12:29 - 000745408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
    2017-12-21 12:28 - 2017-12-21 12:28 - 000148936 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
    2017-12-21 12:29 - 2017-12-21 12:29 - 000293944 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
    2018-01-27 12:47 - 2018-01-27 12:47 - 005779088 _____ () C:\Program Files\AVAST Software\Avast\defs\18012700\algo.dll
    2017-07-03 15:56 - 2017-07-03 15:56 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2017-12-21 12:28 - 2017-12-21 12:28 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2009-06-10 16:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3271507604-324760026-559401053-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LOLA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 208.59.247.45 - 208.59.247.46
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    MSCONFIG\startupreg: (default) =>
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: BeatsOSDApp => C:\Program Files\IDT\WDM\beats64.exe
    MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
    MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    MSCONFIG\startupreg: LTCM Client => C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup
    MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
    MSCONFIG\startupreg: StartCCC => "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{6A469AD2-82CE-425F-ACB3-BBFB8B988E64}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
    FirewallRules: [{05175948-7C65-4EA7-8275-74F767B0A81B}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
    FirewallRules: [{E6B82714-E199-42DB-A02E-DE7649649040}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
    FirewallRules: [{EFC37076-4F13-4798-AA40-00665BF1D0FA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
    FirewallRules: [{7E897F9C-B855-4878-A2E0-04D473C5B94E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
    FirewallRules: [{12AC6D19-26AB-45DE-BC58-DCCAD7CF0221}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
    FirewallRules: [{FBFE29F4-FD3D-4EEA-A55F-36C431417D72}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
    FirewallRules: [{9AAF1CF0-D274-4956-A39B-E9BD4AD92C76}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
    FirewallRules: [{DE59C229-1203-439F-B824-5B088799C19F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{C0073B27-B2C7-41C7-AFF2-363079038E72}] => (Allow) LPort=2869
    FirewallRules: [{FA897E12-5C50-49A9-9320-9F8DAE68DA76}] => (Allow) LPort=1900
    FirewallRules: [{14C2E04F-2CFB-4ADD-9E26-54E9C62119D7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{633F6FDD-E26B-4EE9-985F-7D9CEC4F0C80}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
    FirewallRules: [TCP Query User{120A1088-E101-44CF-9E1F-50A4D1134158}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [UDP Query User{2A08E62B-136A-4D75-9F41-84334B47C93B}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [{201A5B43-4B34-4C52-A654-90174C49AB02}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{B7C75B17-718B-4B93-B00F-37FE3B8437A3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{47C59C0F-BA50-46F0-B4A3-ED156FD270B6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{83263237-6723-46BC-95A0-DAA7FEB9BE05}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{115AD351-CBA5-46B4-B3D8-F3F422279BAC}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [UDP Query User{7703D442-F47E-422C-9316-E29F6ABC2B0A}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [{420D3278-F81E-4A3B-B316-63479319CF8A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
    FirewallRules: [{D628AA5B-1DCE-47C5-9721-7E4D4C2D08B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{08B4BE11-4F41-4B10-B362-490D0836674B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{8B916107-168E-4199-8D18-660A0A662A32}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
    FirewallRules: [{F4AAEAC7-7465-4B4D-AD22-B4D01339D5F5}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
    FirewallRules: [{763A519B-B6C8-4180-A2C0-53308B07F4A3}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
    FirewallRules: [{E2601071-33DB-48CE-B6E4-A379E24E50CE}] => (Allow) LPort=5357
    FirewallRules: [{F5BF7FEC-A609-443E-B802-C49697A7BF79}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [{6644C370-E507-4251-BF17-EA4F7534F3C1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Restore Points =========================

    30-05-2017 10:53:09 Scheduled Checkpoint
    06-06-2017 11:18:33 Scheduled Checkpoint
    13-06-2017 17:19:19 Scheduled Checkpoint
    15-06-2017 02:01:50 Windows Update
    22-06-2017 11:06:49 Scheduled Checkpoint
    30-06-2017 11:44:41 Scheduled Checkpoint
    07-07-2017 11:55:44 Scheduled Checkpoint
    13-07-2017 02:02:22 Windows Update
    20-07-2017 11:11:48 Scheduled Checkpoint
    26-07-2017 02:00:58 Windows Update
    29-07-2017 02:01:09 Windows Update
    05-08-2017 07:19:21 Scheduled Checkpoint
    09-08-2017 02:00:21 Windows Update
    16-08-2017 17:36:36 Scheduled Checkpoint
    24-08-2017 17:19:39 Scheduled Checkpoint
    01-09-2017 11:12:43 Scheduled Checkpoint
    08-09-2017 11:13:34 Scheduled Checkpoint
    09-09-2017 17:25:35 Avast Cleanup
    09-09-2017 17:26:54 Avast Cleanup
    11-09-2017 11:35:04 Avast Cleanup
    11-09-2017 11:35:22 Avast Cleanup
    13-09-2017 10:50:30 Avast Cleanup
    13-09-2017 10:51:20 Avast Cleanup
    14-09-2017 02:02:13 Windows Update
    15-09-2017 02:01:12 Windows Update
    21-09-2017 18:00:44 Avast Cleanup
    28-09-2017 18:02:41 Avast Cleanup
    05-10-2017 18:01:26 Avast Cleanup
    08-10-2017 12:52:38 Avast Cleanup
    08-10-2017 12:52:57 Avast Cleanup
    11-10-2017 02:02:07 Windows Update
    18-10-2017 10:49:45 Scheduled Checkpoint
    25-10-2017 17:21:21 Scheduled Checkpoint
    01-11-2017 17:41:13 Scheduled Checkpoint
    09-11-2017 11:41:30 Scheduled Checkpoint
    14-11-2017 00:14:19 Removed HP Deskjet 2540 series Basic Device Software
    14-11-2017 00:19:57 Removed HP Deskjet 2540 series Help
    15-11-2017 03:01:22 Windows Update
    22-11-2017 03:01:18 Windows Update
    29-11-2017 03:01:03 Windows Update
    06-12-2017 12:57:45 Scheduled Checkpoint
    07-12-2017 03:00:35 Windows Update
    13-12-2017 03:00:54 Windows Update
    20-12-2017 18:04:44 Scheduled Checkpoint
    27-12-2017 19:36:53 Scheduled Checkpoint
    04-01-2018 00:00:03 Scheduled Checkpoint
    09-01-2018 03:00:46 Windows Update
    10-01-2018 03:02:16 Windows Update
    17-01-2018 11:56:11 Scheduled Checkpoint
    19-01-2018 03:00:32 Windows Update
    26-01-2018 12:51:35 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (01/27/2018 04:45:01 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: plugin-container.exe, version: 58.0.0.6592, time stamp: 0x5a612a40
    Faulting module name: xul.dll, version: 58.0.0.6592, time stamp: 0x5a612a2f
    Exception code: 0x80000003
    Fault offset: 0x00e562b1
    Faulting process id: 0x1740
    Faulting application start time: 0x01d3973dad9d3b33
    Faulting application path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    Faulting module path: C:\Program Files (x86)\Mozilla Firefox\xul.dll
    Report Id: bdbf2f83-0346-11e8-951d-38607777b512

    Error: (01/27/2018 12:52:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (01/27/2018 12:52:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (01/25/2018 11:29:13 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: plugin-container.exe, version: 57.0.4.6577, time stamp: 0x5a4d7782
    Faulting module name: xul.dll, version: 57.0.4.6577, time stamp: 0x5a4d7770
    Exception code: 0x80000003
    Fault offset: 0x00d0ea13
    Faulting process id: 0x11b8
    Faulting application start time: 0x01d395aea8057127
    Faulting application path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    Faulting module path: C:\Program Files (x86)\Mozilla Firefox\xul.dll
    Report Id: e0818c77-01ec-11e8-af47-38607777b512

    Error: (01/19/2018 03:06:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code.

    Error: (01/19/2018 03:06:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (01/19/2018 03:06:32 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code.

    Error: (01/19/2018 03:06:32 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (01/19/2018 03:06:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service aspnet_state (ASP.NET State Service) failed. The first DWORD in the Data section contains the error code.

    Error: (01/19/2018 03:06:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


    System errors:
    =============
    Error: (01/28/2018 01:36:37 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.

    Error: (01/28/2018 01:36:36 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.

    Error: (01/27/2018 12:45:10 AM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 12:43:46 AM on ‎1/‎27/‎2018 was unexpected.

    Error: (01/27/2018 12:39:09 AM) (Source: Tcpip) (EventID: 4199) (User: )
    Description: The system detected an address conflict for IP address 192.168.0.4 with the system
    having network hardware address 78-4B-87-D5-1F-8E. Network operations on this system may
    be disrupted as a result.

    Error: (01/09/2018 03:28:30 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
    Description: The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.

    Error: (01/09/2018 03:25:02 AM) (Source: DCOM) (EventID: 10010) (User: )
    Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.


    CodeIntegrity:
    ===================================
    Date: 2016-08-13 14:59:27.704
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

    Date: 2016-08-13 14:59:27.485
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

    Date: 2016-08-12 18:06:52.867
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

    Date: 2016-08-12 18:06:52.820
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

    Date: 2016-08-12 10:25:30.520
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

    Date: 2016-08-12 10:25:30.395
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

    Date: 2016-08-12 03:21:28.960
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

    Date: 2016-08-12 03:21:28.804
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

    Date: 2016-08-11 23:36:45.552
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

    Date: 2016-08-11 23:36:45.412
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: AMD A8-3800 APU with Radeon(tm) HD Graphics
    Percentage of memory in use: 77%
    Total physical RAM: 2047.61 MB
    Available physical RAM: 465.02 MB
    Total Virtual: 5226.91 MB
    Available Virtual: 2459.61 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:919.87 GB) (Free:383.61 GB) NTFS
    Drive d: (HP_RECOVERY) (Fixed) (Total:11.54 GB) (Free:1.4 GB) NTFS ==>[system with boot components (obtained from drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 338070C4)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=919.9 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=11.5 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

  4. #4
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi ry7577,

    Thank you for the logs.

    I do not see any indication of malware though there are a few orphaned files we could remove. I'll include the instructions to remove them below.

    I noticed that you have CCleaner installed. I use that program myself though I never use the registry cleaner that is included. We advise not to use this or any registry cleaner as there have been reports of them clearing out needed registry entries and messing up PCs. In addition, what they do clean up is so small that little or no advantages are noticed.

    Modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. No registry cleaner is completely safe and the potential is ever present to cause more problems than they claim to fix.

    Couple of questions for you:

    1.) Is Firefox the browser you rely on the most?
    2.) Have you tried Chrome or Internet Explorer? Do you experience the same problems?
    3.) Is this a desktop computer? When is the last time you used a can of compressed air to blow the dust and dirt out from inside the tower box?

    Let's remove those orphans I mentioned above:

    • Open notepad (Start orb > type notepad into Start Search > chose notepad from list.
    • Please copy the entire contents of the code box below.
      (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
    • Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt.

      CreateRestorePoint:
      CloseProcesses:
      HKLM-x32\...\Run: [] => [X]
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2455} URL =
      SearchScopes: HKLM-x32 -> DefaultScope value is missing
      Toolbar: HKU\S-1-5-21-3271507604-324760026-559401053-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
      S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
      U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
      ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
      EmptyTemp:
      ResetHosts:
      NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
    • The tool will make a log (Fixlog.txt) which you will find where you saved FRST. Please post it to your reply.


    In your next reply, please include the answer to my questions and the Fixlog.txt that should be found om your desktop.

    Thank you,
    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  5. #5
    Member
    Join Date
    Oct 2006
    Location
    PA
    Posts
    63
    Points
    0

    Default

    I hope I did this right.Yes firefox is the main browser I use.I haven't tried chrome or explorer in a long time.Yes it's a desktop computer and i'm going to blow it out now.I don't think I've ever done it.Another main problem I always have is I get a pop-up saying that my computer is infected and that I need to contact windows with their number.Is that just a scam?


    Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
    Ran by LOLA (28-01-2018 15:59:17) Run:1
    Running from C:\Users\LOLA\Desktop
    Loaded Profiles: LOLA (Available Profiles: LOLA)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2455} URL =
    SearchScopes: HKLM-x32 -> DefaultScope value is missing
    Toolbar: HKU\S-1-5-21-3271507604-324760026-559401053-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
    U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
    EmptyTemp:
    ResetHosts:
    *****************

    Restore point was successfully created.
    Processes closed successfully.
    "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
    "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
    "HKU\S-1-5-21-3271507604-324760026-559401053-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
    HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found
    HKLM\System\CurrentControlSet\Services\AvastVBoxSvc => key could not remove, key could be protected
    HKLM\System\CurrentControlSet\Services\VBoxAswDrv => key could not remove, key could be protected
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => removed successfully
    HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found
    ResetHosts: => Error: No automatic fix found for this entry.

    =========== EmptyTemp: ==========

    BITS transfer queue => 8388608 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15754544 B
    Java, Flash, Steam htmlcache => 1184 B
    Windows/system/drivers => 22947923 B
    Edge => 0 B
    Chrome => 7580079 B
    Firefox => 396029637 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Users => 0 B
    Default => 0 B
    Public => 0 B
    ProgramData => 0 B
    systemprofile => 42343782 B
    systemprofile32 => 115380 B
    LocalService => 0 B
    NetworkService => 0 B
    LOLA => 76090840 B

    RecycleBin => 0 B
    EmptyTemp: => 542.9 MB temporary data Removed.

    ================================

    Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 28-01-2018 16:08:31)


    Result of scheduled keys to remove after reboot:

    HKLM\System\CurrentControlSet\Services\AvastVBoxSvc => key could not remove, key could be protected
    HKLM\System\CurrentControlSet\Services\VBoxAswDrv => key could not remove, key could be protected

    ==== End of Fixlog 16:08:31 ====

  6. #6
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Yes. That pop-up with number included sounds like an adware scam to me. There are so many of them.. See if you can get a screen shot of the pop up next time and attach/upload to a post, or, see if you can catch the number they want to to call so I can research it to find out where the pop up originates from. I am thinking maybe the browser, if not somewhere within the file system. I'll take a closer look at the logs you posted to see if there is a hidden clue that is disgiued to be easily overlooked. I am surprised that Malwarebytes, SuperAntiSpyware nor AdwCleaner found that pop up source.

    As for Firefox, let's see how it behaves in Firefox Safe Mode:

    Troubleshoot Firefox issues using Safe Mode

    When you get to the Firefox Safe Mode Window found in the above link you will see two options (buttons) to choose:

    Start in Safe Mode and Refresh Firefox

    Choose Start in Safe Mode. We'll save the Refresh button as a last resort, unless you feel you have nothing to lose then you can try that too.

    Let me know how it goes and in the mean time I will do a bit of research to see if I can find anything on pop ups with numbers to call, but knowing the number to research could help more.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  7. #7
    Member
    Join Date
    Oct 2006
    Location
    PA
    Posts
    63
    Points
    0

    Default

    I did the refresh before I read this.So far so good.I only had problems when I would scroll too much in Facebook or look at Yahoo's main page.If I would dig too much then I would always have to close out the window,and start over.Usually when I would start it back up I would get the firefox is already running pop up,and do you wanna close it out.I blew out the computer and so far it's been running better.I will keep an eye out for the pop up with the number.I know my wife ran into it the other day for the first time in weeks.Thanks for all of your help!

  8. #8
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    I did the refresh before I read this.So far so good.
    Ok. That's good news. You're a step ahead then.

    I only had problems when I would scroll too much in Facebook or look at Yahoo's main page.If I would dig too much then I would always have to close out the window,and start over.
    Hm? I have that trouble too. Drives me nuts when I have to wait for more posts to populate. I try slowing down but I prefer to skim over what is not interesting to me. Not sure what else might cause that.

    Where do you have the tower sitting? One thing I have learned is to not set it directly on the floor or near an air vent and never store it in an enclosure where there is not enough air circulation. Always keep the dust bunnies down to a minimum. Also, if you have pets, especially cats because their fur is much thinner and more fly away than dogs, don't let them near the fans. Even flyaway fur can be sucked into the fans and cause build up which will cause over heating.

    Since everything seems t be running fine, let's remove the tools we used in this cleansing process:

    Download DelFix by Xplode and save it to your desktop.
    • Run the tool by right click on the icon and Run as administrator option.
    • Make sure that these ones are checked:
      • Remove disinfection tools
      • Purge system restore
      • Reset system settings
    • Push Run.
    • The program will run for a few seconds and display a notepad report.
      Paste it for my review.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  9. #9
    Member
    Join Date
    Oct 2006
    Location
    PA
    Posts
    63
    Points
    0

    Default

    I spoke a little too soon,and it's still freezing on me sometimes.Yeah Facebook and Yahoo are the main ones that freeze it.If I'm on them too long then my browser pretty much stops,and that's when I get firefox is already running,and the old version has to be closed first when I already shut it down.Then sometimes I get my firefox profile cannot be found.Here's my log:


    DelFix v1.010 - Logfile created 29/01/2018 at 10:41:10
    # Updated 26/04/2015 by Xplode
    # Username : LOLA - ANNIERYAN
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

    ~ Removing disinfection tools ...

    Deleted : C:\_OTL
    Deleted : C:\FRST
    Deleted : C:\AdwCleaner
    Deleted : C:\Users\LOLA\Downloads\adwcleaner_7.0.7.0.exe
    Deleted : C:\Users\LOLA\Downloads\FRST64 - Shortcut.lnk
    Deleted : HKLM\SOFTWARE\OldTimer Tools
    Deleted : HKLM\SOFTWARE\AdwCleaner

    ~ Cleaning system restore ...

    Deleted : RP #574 [Scheduled Checkpoint | 06/06/2017 16:18:33]
    Deleted : RP #575 [Scheduled Checkpoint | 06/13/2017 22:19:19]
    Deleted : RP #576 [Windows Update | 06/15/2017 07:01:50]
    Deleted : RP #577 [Scheduled Checkpoint | 06/22/2017 16:06:49]
    Deleted : RP #578 [Scheduled Checkpoint | 06/30/2017 16:44:41]
    Deleted : RP #579 [Scheduled Checkpoint | 07/07/2017 16:55:44]
    Deleted : RP #580 [Windows Update | 07/13/2017 07:02:22]
    Deleted : RP #581 [Scheduled Checkpoint | 07/20/2017 16:11:48]
    Deleted : RP #582 [Windows Update | 07/26/2017 07:00:58]
    Deleted : RP #583 [Windows Update | 07/29/2017 07:01:09]
    Deleted : RP #584 [Scheduled Checkpoint | 08/05/2017 12:19:21]
    Deleted : RP #585 [Windows Update | 08/09/2017 07:00:21]
    Deleted : RP #586 [Scheduled Checkpoint | 08/16/2017 22:36:36]
    Deleted : RP #587 [Scheduled Checkpoint | 08/24/2017 22:19:39]
    Deleted : RP #588 [Scheduled Checkpoint | 09/01/2017 16:12:43]
    Deleted : RP #589 [Scheduled Checkpoint | 09/08/2017 16:13:34]
    Deleted : RP #590 [Avast Cleanup | 09/09/2017 22:25:35]
    Deleted : RP #591 [Avast Cleanup | 09/09/2017 22:26:54]
    Deleted : RP #592 [Avast Cleanup | 09/11/2017 16:35:04]
    Deleted : RP #593 [Avast Cleanup | 09/11/2017 16:35:22]
    Deleted : RP #594 [Avast Cleanup | 09/13/2017 15:50:30]
    Deleted : RP #595 [Avast Cleanup | 09/13/2017 15:51:20]
    Deleted : RP #596 [Windows Update | 09/14/2017 07:02:13]
    Deleted : RP #597 [Windows Update | 09/15/2017 07:01:12]
    Deleted : RP #598 [Avast Cleanup | 09/21/2017 23:00:44]
    Deleted : RP #599 [Avast Cleanup | 09/28/2017 23:02:41]
    Deleted : RP #600 [Avast Cleanup | 10/05/2017 23:01:26]
    Deleted : RP #601 [Avast Cleanup | 10/08/2017 17:52:38]
    Deleted : RP #602 [Avast Cleanup | 10/08/2017 17:52:57]
    Deleted : RP #603 [Windows Update | 10/11/2017 07:02:07]
    Deleted : RP #604 [Scheduled Checkpoint | 10/18/2017 15:49:45]
    Deleted : RP #605 [Scheduled Checkpoint | 10/25/2017 22:21:21]
    Deleted : RP #606 [Scheduled Checkpoint | 11/01/2017 22:41:13]
    Deleted : RP #607 [Scheduled Checkpoint | 11/09/2017 16:41:30]
    Deleted : RP #608 [Removed HP Deskjet 2540 series Basic Device Software | 11/14/2017 05:14:19]
    Deleted : RP #609 [Removed HP Deskjet 2540 series Help | 11/14/2017 05:19:57]
    Deleted : RP #610 [Windows Update | 11/15/2017 08:01:22]
    Deleted : RP #611 [Windows Update | 11/22/2017 08:01:18]
    Deleted : RP #612 [Windows Update | 11/29/2017 08:01:03]
    Deleted : RP #613 [Scheduled Checkpoint | 12/06/2017 17:57:45]
    Deleted : RP #614 [Windows Update | 12/07/2017 08:00:35]
    Deleted : RP #615 [Windows Update | 12/13/2017 08:00:54]
    Deleted : RP #616 [Scheduled Checkpoint | 12/20/2017 23:04:44]
    Deleted : RP #617 [Scheduled Checkpoint | 12/28/2017 00:36:53]
    Deleted : RP #618 [Scheduled Checkpoint | 01/04/2018 05:00:03]
    Deleted : RP #619 [Windows Update | 01/09/2018 08:00:46]
    Deleted : RP #620 [Windows Update | 01/10/2018 08:02:16]
    Deleted : RP #621 [Scheduled Checkpoint | 01/17/2018 16:56:11]
    Deleted : RP #622 [Windows Update | 01/19/2018 08:00:32]
    Deleted : RP #623 [Scheduled Checkpoint | 01/26/2018 17:51:35]
    Deleted : RP #625 [Restore Point Created by FRST | 01/28/2018 21:00:29]
    Deleted : RP #626 [Removed Epson Event Manager | 01/28/2018 22:32:33]
    Deleted : RP #627 [Removed Epson Customer Participation | 01/28/2018 22:33:10]
    Deleted : RP #628 [Removed FAX Utility | 01/28/2018 22:34:14]
    Deleted : RP #629 [Removed Epson Download Navigator | 01/28/2018 22:34:49]
    Deleted : RP #630 [Removed Epson Event Manager | 01/28/2018 22:35:20]

    New restore point created !

    ~ Resetting system settings ... OK

    ########## - EOF - ##########

  10. #10
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    I spoke a little too soon,and it's still freezing on me sometimes.Yeah Facebook and Yahoo are the main ones that freeze it.
    Darn! Now isn't that the way it always goes?

    Yahoo and Facebook are very stressing sites. There is so much on one page to load with all the images, video's, ect..

    Did you try running Firefox in Safe Mode for a duration to see if the freezing stills occurs?

    We also need to eliminate the possibility that the freezing is not a Firefox browser issue. I know what a pain it is to use another browser, but could you please use Internet Explorer and Chrome for a time to see if you get the same results. This way we can tell if it is Firefox (or not) or a Windows problem.

    From time to time I give Firefox a good cleaning with SpeedyFox. Let's see if that helps in your case.

    Download SpeedyFox for Windows (570kb) that is found under Download: to your desktop.
    • Click on the download link then Save File button in the box that pops up..
    • Double click on the icon (for Vista and above, right click and choose Run as administrator).
    • Next, click on the button and allow it to complete.

    Shouldn't take very long depending on how big the Firefox profile is.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"