Page 1 of 2 12 LastLast
Results 1 to 10 of 13
  1. #1
    Member skaterace's Avatar
    Join Date
    Dec 2003
    Posts
    73
    Points
    0

    Default Slow computer, is it malware?

    My computer has slowed to a crawl, so much that it can barely type anymore. The detective told me to post my scan, so here you go. Any help would be greatly appreciated. If I knew you in real life, I would bring you warm bread.

    SUPERAntiSpyware Scan Log
    https://www.superantispyware.com

    Generated 04/26/2019 at 08:42 PM

    Application Version : 8.0.1038
    Database Version : 15475

    Scan type : Complete Scan
    Total Scan Time : 02:33:09

    Operating System Information
    Windows 10 Home 64-bit (Build 10.00.17134)
    UAC On - Limited User

    Memory items scanned : 1260
    Memory items detected : 0
    Registry items scanned : 63126
    Registry items detected : 0
    File items scanned : 24356
    File items detected : 499

    Adware.Tracking Cookie
    C:\Users\Anderson\AppData\Local\Microsoft\Windows\INetCookies\deprecated.cookieC:\Users\Anderson\AppData\Local\Microsoft\Windows\INetCookies\deprecated.cookie [ /cdnssl.clicktale.net ]
    .btrll.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .eqads.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .intentiq.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    ads.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .nanigans.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    ads.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .bizrate.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .gravity.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .krxd.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .marinsm.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .afy11.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adadvisor.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adap.tv [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adobe.demdex.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .voicefive.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adap.tv [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .scanscout.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .mletracker.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .dealtime.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    api.content.ad [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    DealTime: Search, sort and save on great deals! [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adobe.demdex.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .turn.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .ib.mookie1.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    statsadv.dadapro.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .liverail.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .w55c.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .nexac.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .udmserve.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    tap2-cdn.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .openx.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .gwallet.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .gwallet.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .agkn.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .udmserve.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .scanscout.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .agkn.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .btrll.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .eqads.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .intentiq.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    ads.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .nanigans.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    ads.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .bizrate.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .gravity.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .krxd.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .marinsm.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .afy11.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adadvisor.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adap.tv [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adobe.demdex.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .voicefive.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adap.tv [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .scanscout.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .mletracker.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .dealtime.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    api.content.ad [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    DealTime: Search, sort and save on great deals! [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adobe.demdex.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .turn.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .ib.mookie1.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    statsadv.dadapro.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .liverail.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .w55c.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .nexac.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .udmserve.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    tap2-cdn.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .openx.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .gwallet.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .gwallet.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .agkn.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .udmserve.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .scanscout.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .agkn.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9T9M5VG.DEFAULT\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9T9M5VG.DEFAULT\COOKIES.SQLITE ]
    statse.webtrendslive.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
    .demdex.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
    .tealiumiq.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
    .demdex.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
    .everesttech.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
    .everesttech.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
    .iasds01.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .weborama.fr [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    partners.tremorhub.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    tag.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .ads.linkedin.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .connexity.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .iasds01.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .exelator.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    bttrack.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .xspadvertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .xspadvertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pubmatic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .tealiumiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .adsrvr.org [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .adsrvr.org [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .tapad.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .tapad.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .smartadserver.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .adsymptotic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .storygize.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .scorecardresearch.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    ads.stickyadstv.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .scorecardresearch.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .contextweb.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .app.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .assets.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .marketingengine.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .www.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .adsymptotic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .app.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .assets.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .marketingengine.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .solocpm.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .truoptik.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .www.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    dmp.truoptik.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .dsp.linksynergy.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .eyeviewads.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crwdcntrl.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crwdcntrl.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crwdcntrl.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crwdcntrl.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .krxd.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .sitescout.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .xspadvertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .agkn.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .agkn.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .spotxchange.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    pixel.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .acuityplatform.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .bluekai.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .bizrate.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .clickagy.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    aorta.clickagy.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    trackcmp.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .outbrain.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .smartadserver.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .mediawallahscript.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .ad-stir.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .media.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .media.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .demdex.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .demdex.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pippio.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pippio.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .dpm.demdex.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .dotomi.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .dyntrk.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .everesttech.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .everesttech.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .everesttech.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .extend.tv [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .owneriq.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .adhigh.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .openx.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .ib.mookie1.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .ib.mookie1.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .yieldlab.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    io.narrative.io [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .liadm.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .lijit.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    in.xspadvertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .mediawallahscript.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .eyeota.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .w55c.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .w55c.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .ldschurch.tt.omtrdc.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .ldschurch.tt.omtrdc.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .thrtle.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .mathtag.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .mxptint.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .addthis.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pippio.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .outbrain.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .addthis.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .owneriq.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .mediawallahscript.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .contextweb.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .ml314.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .smartadserver.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .powerlinks.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .ads.yieldmo.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pippio.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rlcdn.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rlcdn.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .linksynergy.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .bizrate.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .pixel.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rfihub.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rkdms.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rkdms.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .owneriq.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .sitescout.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .postrelease.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    px.powerlinks.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .taboola.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .taboola.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .3lift.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    dmp.truoptik.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    dmp.truoptik.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .ml314.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .teads.tv [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .360yield.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .mfadsrvr.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .360yield.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .mfadsrvr.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .agkn.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .ml314.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .exelator.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .ad-stir.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .addthis.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .simpli.fi [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .turn.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    ads.stickyadstv.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .360yield.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .360yield.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .adscale.de [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .mathtag.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    ads.avocet.io [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .adnxs.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .mathtag.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .contextweb.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .postrelease.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .media.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .weborama.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .contextweb.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .w55c.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .weborama.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .yieldmo.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
    .webstats4u.com [ C:\USERS\TOTO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W0PDYD4L.DEFAULT\COOKIES.SQLITE ]
    .webstats4u.com [ C:\USERS\TOTO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W0PDYD4L.DEFAULT\COOKIES.SQLITE ]
    .webstats4u.com [ C:\USERS\TOTO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W0PDYD4L.DEFAULT\COOKIES.SQLITE ]
    .cdn.ad4game.com [ C:\USERS\TOTO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W0PDYD4L.DEFAULT\COOKIES.SQLITE ]
    .cdn.ad4game.com [ C:\USERS\TOTO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W0PDYD4L.DEFAULT\COOKIES.SQLITE ]

    ============
    End of Log
    ============

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 4/26/19
    Scan Time: 2:10 AM
    Log File: d0d8bb21-67fa-11e9-baa0-4c72b9944bf6.json

    -Software Information-
    Version: 3.7.1.2839
    Components Version: 1.0.563
    Update Package Version: 1.0.10350
    License: Trial

    -System Information-
    OS: Windows 10 (Build 17134.706)
    CPU: x64
    File System: NTFS
    User: System

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Scheduler
    Result: Completed
    Objects Scanned: 390601
    Threats Detected: 0
    Threats Quarantined: 0
    Time Elapsed: 56 min, 7 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 0
    (No malicious items detected)

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 9:30:21 PM, on 4/25/2019
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.17134.0001)


    Boot mode: Normal

    Running processes:
    C:\Users\Anderson\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    C:\Program Files (x86)\Shrink Pic\shrink_pic.exe
    C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
    C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
    C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
    C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
    C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
    C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
    C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
    C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
    C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    C:\Program Files (x86)\Dropbox\Client\71.4.108\QtWebEngineProcess.exe
    C:\Users\Anderson\Downloads\HijackThis.exe
    C:\Users\Anderson\Downloads\HijackThis.exe
    C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
    C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
    C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
    C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
    C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
    C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
    C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
    C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
    O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll
    O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
    O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
    O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe /shownag /nagdelay:180
    O4 - HKCU\..\Run: [OneDrive] "C:\Users\Anderson\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
    O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
    O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [AvastBrowserAutoLaunch_BD664B812C97C9481AD0FF71925D28C6] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" --restore-last-session
    O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
    O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_32ATI1FE.EXE /EPT "EPLTarget\P0000000000000001" /M "SC-P800 Series"
    O4 - Startup: Shrink Pic.lnk = C:\Program Files (x86)\Shrink Pic\shrink_pic.exe
    O4 - Global Startup: Avast Cleanup Premium.lnk = C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
    O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AdobeUpdateService - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
    O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
    O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
    O23 - Service: %1!s! Update Service (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
    O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: %1!s! Update Service (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
    O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - Unknown owner - C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1258.86\elevation_service.exe (file missing)
    O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
    O23 - Service: Avast Cleanup Premium (CleanupPSvc) - AVAST Software - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
    O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: RipCoreBP - Unknown owner - C:\Program Files (x86)\Fawkes Engineering\AccuRIP\RipCore.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: vToolbarUpdater40.3.8 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
    O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

    --
    End of file - 15850 bytes

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,178
    Points
    1308

    Default

    Hi! My name is zep516 and Welcome to Help2go
    I'll do the best I can to resolve your computer issue
    Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

    What Anti virus are you using? I see Avast and some Avg files too.

    If you're running Avast then please download the AVG Removal tool in link below (Save the file to the desktop) and run it.

    AVG Removal tool---> https://www.bleepingcomputer.com/download/avg-remover/

    Then

    Everything gets download to the desktop and tools are "Run as administrator."

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
    Last edited by zep516; 04-27-2019 at 12:22 PM.

  3. The Following User Says Thank You to zep516 For This Useful Post:


  4. #3
    Member skaterace's Avatar
    Join Date
    Dec 2003
    Posts
    73
    Points
    0

    Default

    Tell me about the avg removal tool. I don't actually have AVG antivirus installed, it's just an AVG web tune-up app. I ran the AVG removal tool, anyway, but it tells me to restart my computer every time. After the restart, nothing happens. So I run it again, and the same thing happens again. I feel like I'm not accomplishing anything. Is this step necessary? What am I doing wrong?

  5. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,178
    Points
    1308

    Default

    Hopefully its removed the AVG tune up files, these so called tune up programs are not very good an cause more problems then that claim to fix. Please follow the rest of the instruction and post the 2 logs from Farber Recovery scan so I can check for possible malware. High jack this simply does not tell us enough.


    Thanks
    zep

  6. The Following User Says Thank You to zep516 For This Useful Post:


  7. #5
    Member skaterace's Avatar
    Join Date
    Dec 2003
    Posts
    73
    Points
    0

    Default

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.04.2019
    Ran by Anderson (administrator) on DESKTOP-7MH20NA (Hewlett-Packard p2-1317c) (27-04-2019 15:19:34)
    Running from C:\Users\Anderson\Downloads
    Loaded Profiles: Anderson (Available Profiles: defaultuser0 & Anderson)
    Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: English (United States)
    Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    () [File not signed] C:\Program Files (x86)\Shrink Pic\shrink_pic.exe
    () [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
    () [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
    () [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
    (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
    (Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    (Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
    (Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
    (Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
    (Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
    (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
    (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
    (Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
    (Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (AVG Netherlands B.V. -> ) C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
    (Carbonite -> Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
    (Carbonite -> Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\71.4.108\QtWebEngineProcess.exe
    (Fawkes Engineering, Inc. -> ) C:\Program Files (x86)\Fawkes Engineering\AccuRIP\RipCore.exe
    (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
    (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
    (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
    (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
    (Lespeed Technology Ltd. -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
    (Lespeed Technology Ltd. -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
    (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Users\Anderson\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
    (Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\setuphost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\6792e3c57b795d36fe6f5779079a908a\WindowsUpdateBox.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
    (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
    (Node.js Foundation -> Node.js) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_32ATI1FE.EXE
    (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-03-24] (Apple Inc. -> Apple Inc.)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
    HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2195968 2018-05-15] (AVG Netherlands B.V. -> )
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5537088 2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1278056 2019-02-08] (Carbonite -> Carbonite, Inc.)
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
    HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
    HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc. -> Apple Inc.)
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-01] (Apple Inc. -> Apple Inc.)
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-01] (Apple Inc. -> Apple Inc.)
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198512 2019-04-25] (Support.com, Inc. -> SUPERAntiSpyware)
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46506040 2019-04-09] (Google LLC -> )
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_32ATI1FE.EXE [303312 2016-04-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [570368 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
    HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [280864 2007-02-03] (Logitech Inc -> Logitech Inc.)
    HKLM\...\Drivers32: [MSVideo] => C:\WINDOWS\system32\vfwwdm32.dll [67072 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
    HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [264992 2007-02-03] (Logitech Inc -> Logitech Inc.)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
    HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1258.86\Installer\chrmstp.exe [2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-12-24]
    ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
    Startup: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shrink Pic.lnk [2018-11-26]
    ShortcutTarget: Shrink Pic.lnk -> C:\Program Files (x86)\Shrink Pic\shrink_pic.exe () [File not signed]
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {01FCB836-0FDA-49A2-9C63-8D524E5ECC78} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1955440 2019-04-05] (AVAST Software s.r.o. -> AVAST Software)
    Task: {1766FAF5-AFB9-4EAA-B5E4-3E5FD566757A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-10] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {1F9F83A4-6FB0-4744-8938-491EA30BB907} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1955440 2019-04-05] (AVAST Software s.r.o. -> AVAST Software)
    Task: {25F68F66-2384-4AFD-AF23-9033217621FF} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
    Task: {2D117640-E8A7-453C-B066-7C8A61C76C0E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
    Task: {2F47E01F-05C8-4456-8956-94FA257B23BB} - System32\Tasks\G2MUploadTask-S-1-5-21-117299934-2116951884-1989845370-1001 => C:\Users\Anderson\AppData\Local\GoToMeeting\12814\g2mupload.exe [29768 2019-04-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
    Task: {32A0E9A4-614D-4452-BD62-DA874571D115} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25906688 2019-04-19] (Microsoft Corporation -> Microsoft Corporation)
    Task: {3AB51AF8-5B74-46B0-B95D-C1C0473F672B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2018-10-22] (Apple Inc. -> Apple Inc.)
    Task: {3CA01DD2-C3FE-4C16-9DAE-3897CD828CF2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [758600 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
    Task: {43BB3E4E-019D-46C6-A731-BFFB0D4CBFCE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Task: {46C614F1-A2E8-44F2-93A8-D1A9B1324469} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-17] (Google Inc -> Google Inc.)
    Task: {535296CE-9442-4A0B-A494-BAB119D66E99} - System32\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [3976872 2018-12-07] (Lespeed Technology Ltd. -> WiseCleaner.com)
    Task: {6356ACB8-9969-47B1-ADA9-57F9F5CD0E73} - System32\Tasks\G2MUpdateTask-S-1-5-21-117299934-2116951884-1989845370-1001 => C:\Users\Anderson\AppData\Local\GoToMeeting\12814\g2mupdate.exe [29768 2019-04-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
    Task: {664EDBFD-2EC4-4D53-ABD9-6FFB9F866FE3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112160 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
    Task: {7527416D-7173-4A39-9A41-72DD5DE88F77} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-10] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {78030924-5F43-46D7-8C55-63C582EE378C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe Inc. -> Adobe)
    Task: {84226196-4E6E-4F85-8FD6-265A2EA9F2B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4407136 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
    Task: {895F6A6F-B27E-4179-9364-132B025F2593} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
    Task: {8A99ACD9-C57F-4DD2-88EF-9ABC40013A67} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    Task: {8D398E8A-3EA9-4BB6-AF4E-9953F4E002A3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112160 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
    Task: {8DB7FFEF-3810-4ED6-84BE-D70FD39F62D5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-09] (Adobe Inc. -> Adobe)
    Task: {9DC7A9C7-B1E5-4D01-8802-A26E7617AA05} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-stefanierase@msn.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
    Task: {9E3C930B-20D4-41CD-BA7F-A10DE2A71D68} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-16] (AVAST Software s.r.o. -> AVAST Software)
    Task: {9ECA0FB5-0F4D-4D88-9D1F-1E51FBA078CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4407136 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
    Task: {A533946B-ECA7-448F-B5C8-E5BF86C7EF4A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-16] (AVAST Software s.r.o. -> AVAST Software)
    Task: {A5C9FB84-3F46-43FE-AB39-B86AAB737709} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432200 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
    Task: {A85DD8D0-747C-4BDD-9449-3F8CF8196787} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-stefanierase@msn.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {AD054E77-8553-4DDD-A8C7-CD724C8B3D52} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-04-18] (AVAST Software s.r.o. -> AVAST Software)
    Task: {AE714B22-3DA4-46C9-9E5E-756F3371FC9F} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe [11106984 2018-12-28] (Lespeed Technology Ltd. -> WiseCleaner.com)
    Task: {CE6A3779-1066-4E3D-A03E-7CE637E0A726} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25906688 2019-04-19] (Microsoft Corporation -> Microsoft Corporation)
    Task: {CEB59A07-C9D4-4A56-8063-3A437113850E} - System32\Tasks\EPSON SC-P800 Series Update {9AFB6BBE-2199-4C1C-ACD5-97579F84012E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_32TS01FA.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    Task: {DD8385DD-5D17-4490-81DD-93C78EDD31A1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432200 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
    Task: {EC8A0BC5-5911-42BE-B497-D1CDA166594F} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => Powershell -noexit -command "&{$carbProgramDataPath = $env:ProgramData + '\Carbonite\Carbonite Backup\';$upgradeExe = 'CarboniteUpgrade.exe';$upgradeFullPath = $carbProgramDataPath + $upgradeExe;$logFile = 'CarboniteUpgrade.log';$logFileFullPath = $carbProgramDataPath + $logFile;$psversion = [string]$psversio (the data entry has 1818 more characters).
    Task: {EEA1FB7B-47CC-429F-8F64-35EDB1D5088E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {EF96BFC8-57D7-42DD-8BDD-4CD1CE9E83AE} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-7MH20NA-Anderson => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {F397BF32-9101-441B-A515-561A9639AAC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-17] (Google Inc -> Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\EPSON SC-P800 Series Update {9AFB6BBE-2199-4C1C-ACD5-97579F84012E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_32TS01FA.EXE:/EXE:{9AFB6BBE-2199-4C1C-ACD5-97579F84012E} /F:UpdateWORKGROUP\DESKTOP-7MH20NA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
    Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-117299934-2116951884-1989845370-1001.job => C:\Users\Anderson\AppData\Local\GoToMeeting\12814\g2mupdate.exe
    Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-117299934-2116951884-1989845370-1001.job => C:\Users\Anderson\AppData\Local\GoToMeeting\12814\g2mupload.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{78774060-ed72-4b8f-9ad1-a2a4c1a74d6f}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
    SearchScopes: HKU\S-1-5-21-117299934-2116951884-1989845370-1001 -> DefaultScope {88BB9F0E-D6FC-494D-BBC5-91A6BE1ECE3E} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
    SearchScopes: HKU\S-1-5-21-117299934-2116951884-1989845370-1001 -> {88BB9F0E-D6FC-494D-BBC5-91A6BE1ECE3E} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
    SearchScopes: HKU\S-1-5-21-117299934-2116951884-1989845370-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BE319FEB-6DEC-4236-9D1D-A71B616C06FA}&mid=6c953a8de64647cfba719d3bff70a205-803e381f556cfccec69a2dff7c5ae3ce1e16db0b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0717tb&pr=fr&d=2016-11-21 23:01:39&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
    BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)

    FireFox:
    ========
    FF DefaultProfile: zok1qyfh.default-1554330347783
    FF ProfilePath: C:\Users\Anderson\AppData\Roaming\Mozilla\Firefox\Profiles\zok1qyfh.default-1554330347783 [2019-04-27]
    FF Homepage: Mozilla\Firefox\Profiles\zok1qyfh.default-1554330347783 -> hxxps://www.lds.org/?lang=eng
    FF Extension: (Avast Online Security) - C:\Users\Anderson\AppData\Roaming\Mozilla\Firefox\Profiles\zok1qyfh.default-1554330347783\Extensions\wrc@avast.com.xpi [2019-04-18] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
    FF Plugin HKU\S-1-5-21-117299934-2116951884-1989845370-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Anderson\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-01-03] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

    Chrome:
    =======
    CHR DefaultProfile: Profile 51
    CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Default [2019-04-27]
    CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-01-04]
    CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-01-04]
    CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20 [2019-01-04]
    CHR Extension: (Google Slides) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-24]
    CHR Extension: (DocHub - Edit and Sign PDF Documents) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\adgncicbhbjfpijkdmbijninnhnmiblj [2017-08-24]
    CHR Extension: (Google Docs) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-24]
    CHR Extension: (Google Drive) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-24]
    CHR Extension: (YouTube) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-24]
    CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-24]
    CHR Extension: (Imagine Learning) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\cmeclblmdmffdgpdlifgepjddoplmmal [2017-08-24]
    CHR Extension: (Avast SafePrice) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-08-24]
    CHR Extension: (Google Sheets) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-24]
    CHR Extension: (Google Docs Offline) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-24]
    CHR Extension: (Avast Online Security) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-24]
    CHR Extension: (Camera) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\hfhhnacclhffhdffklopdkcgdhifgngh [2017-08-24]
    CHR Extension: (iReady) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\hlibmedjdjgnlnnlmjanmlgdegeldimh [2017-08-24]
    CHR Extension: (Google Forms) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2017-08-24]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
    CHR Extension: (PDF Viewer) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2017-08-24]
    CHR Extension: (Gmail) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-24]
    CHR Extension: (Chrome Media Router) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-24]
    CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25 [2019-01-04]
    CHR Extension: (YouTube) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-29]
    CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-29]
    CHR Extension: (Avast SafePrice) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-08-29]
    CHR Extension: (Google Sheets) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-29]
    CHR Extension: (Google Docs Offline) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-29]
    CHR Extension: (Avast Online Security) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-29]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-29]
    CHR Extension: (Gmail) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-29]
    CHR Extension: (Chrome Media Router) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-29]
    CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 4 [2019-01-04]
    CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 5 [2019-01-04]
    CHR Extension: (PDF Viewer) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2017-03-16]
    CHR Extension: (Chrome Media Router) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-08]
    CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 51 [2019-04-25]
    CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6 [2019-01-04]
    CHR Extension: (Google Docs) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-03]
    CHR Extension: (Google Drive) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-16]
    CHR Extension: (YouTube) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-16]
    CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-03-16]
    CHR Extension: (Imagine Learning) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cmeclblmdmffdgpdlifgepjddoplmmal [2017-03-16]
    CHR Extension: (Google Sheets) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-16]
    CHR Extension: (Google Docs Offline) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-16]
    CHR Extension: (Camera) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\hfhhnacclhffhdffklopdkcgdhifgngh [2017-03-16]
    CHR Extension: (iReady) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\hlibmedjdjgnlnnlmjanmlgdegeldimh [2017-03-16]
    CHR Extension: (Google Forms) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2017-03-16]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-16]
    CHR Extension: (PDF Viewer) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2017-03-16]
    CHR Extension: (Gmail) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-16]
    CHR Extension: (Chrome Media Router) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-16]
    CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 7 [2019-01-04]
    CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 8 [2019-01-04]
    CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\System Profile [2019-04-25]
    CHR HKU\S-1-5-21-117299934-2116951884-1989845370-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Anderson\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-11-25]
    CHR HKU\S-1-5-21-117299934-2116951884-1989845370-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
    R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
    R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
    R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-10-21] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
    R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-16] (AVAST Software s.r.o. -> AVAST Software)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-16] (AVAST Software s.r.o. -> AVAST Software)
    S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10227280 2019-04-18] (AVAST Software s.r.o. -> AVAST Software)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11084584 2019-04-19] (Microsoft Corporation -> Microsoft Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-10] (Dropbox, Inc -> Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-10] (Dropbox, Inc -> Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
    R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
    R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
    R2 RipCoreBP; C:\Program Files (x86)\Fawkes Engineering\AccuRIP\RipCore.exe [2141088 2018-12-10] (Fawkes Engineering, Inc. -> )
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-08-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
    R2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [658600 2018-12-06] (Lespeed Technology Ltd. -> WiseCleaner.com)
    S3 AvastSecureBrowserElevationService; "C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1258.86\elevation_service.exe" [X]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
    R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
    R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
    R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-18] (AVAST Software s.r.o. -> AVAST Software)
    S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
    R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
    R3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [43944 2013-06-04] (BoiseTest -> Microsoft Corporation)
    R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
    R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2018-04-11] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
    R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
    S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-04-27] (Malwarebytes Corporation -> Malwarebytes)
    R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-04-27] (Malwarebytes Corporation -> Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-27] (Malwarebytes Corporation -> Malwarebytes)
    R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-04-27] (Malwarebytes Corporation -> Malwarebytes)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-04-27 15:19 - 2019-04-27 15:31 - 000046984 _____ C:\Users\Anderson\Downloads\FRST.txt
    2019-04-27 15:18 - 2019-04-27 15:19 - 000000000 ____D C:\FRST
    2019-04-27 15:16 - 2019-04-27 15:17 - 002430464 _____ (Farbar) C:\Users\Anderson\Downloads\FRST64.exe
    2019-04-27 15:11 - 2019-04-27 15:11 - 001788928 _____ (Farbar) C:\Users\Anderson\Downloads\FRST.exe
    2019-04-27 12:59 - 2019-04-27 12:59 - 000000000 ___HD C:\OneDriveTemp
    2019-04-27 12:54 - 2019-04-27 12:54 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2019-04-27 12:53 - 2019-04-27 12:53 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2019-04-27 12:53 - 2019-04-27 12:53 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
    2019-04-27 12:53 - 2019-04-27 12:53 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
    2019-04-27 11:58 - 2019-04-27 12:51 - 000000543 _____ C:\cleanup.bat
    2019-04-27 11:56 - 2019-04-27 12:49 - 000000000 ____D C:\AVG_Remover
    2019-04-27 11:55 - 2019-04-27 11:55 - 007986864 _____ ( ) C:\Users\Anderson\Downloads\AVG_Remover.exe
    2019-04-26 21:03 - 2019-04-26 21:03 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
    2019-04-26 21:03 - 2019-04-26 21:03 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
    2019-04-26 21:03 - 2019-04-26 21:03 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
    2019-04-26 21:03 - 2019-04-26 21:03 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
    2019-04-26 21:03 - 2019-04-26 21:03 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
    2019-04-26 21:03 - 2019-04-26 21:03 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
    2019-04-26 21:03 - 2019-04-26 21:03 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
    2019-04-26 21:03 - 2019-04-26 21:03 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
    2019-04-26 21:03 - 2019-04-26 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
    2019-04-26 18:26 - 2019-04-26 18:26 - 000001220 _____ C:\Users\Anderson\Desktop\Malware scan.txt
    2019-04-25 21:27 - 2019-04-25 21:27 - 000388608 _____ (Trend Micro Inc.) C:\Users\Anderson\Downloads\HijackThis.exe
    2019-04-25 17:40 - 2019-04-25 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2019-04-25 11:27 - 2019-04-25 11:27 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
    2019-04-25 11:27 - 2019-04-25 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2019-04-25 11:27 - 2019-04-25 11:27 - 000000000 ____D C:\Program Files\iPod
    2019-04-25 11:14 - 2019-04-25 11:27 - 000000000 ____D C:\Program Files\iTunes
    2019-04-25 09:24 - 2019-04-25 09:24 - 000000000 ____D C:\Users\Anderson\AppData\Local\mbamtray
    2019-04-25 09:23 - 2019-04-25 09:23 - 000000000 ____D C:\Users\Anderson\AppData\Local\mbam
    2019-04-25 09:21 - 2019-04-25 09:21 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
    2019-04-24 15:10 - 2019-04-24 15:10 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2019-04-24 15:10 - 2019-04-24 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2019-04-24 15:10 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
    2019-04-24 15:10 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
    2019-04-24 15:08 - 2019-04-24 15:09 - 062879864 _____ (Malwarebytes ) C:\Users\Anderson\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.10310.exe
    2019-04-23 06:13 - 2019-04-23 06:13 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2019-04-23 06:13 - 2019-04-23 06:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2019-04-23 06:13 - 2019-04-23 06:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2019-04-23 06:13 - 2019-04-23 06:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2019-04-20 16:27 - 2019-04-20 16:27 - 000628067 _____ C:\Users\Anderson\Downloads\House.skp
    2019-04-20 11:15 - 2019-02-12 23:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
    2019-04-16 17:13 - 2019-04-16 17:12 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2019-04-15 23:09 - 2019-04-15 23:09 - 000027216 _____ C:\Users\Anderson\Downloads\serpentine-bold.otf
    2019-04-13 08:42 - 2019-04-18 08:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2019-04-12 12:35 - 2019-04-16 17:14 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
    2019-04-11 17:03 - 2019-04-11 17:03 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
    2019-04-11 17:03 - 2019-04-11 17:03 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
    2019-04-09 20:20 - 2019-04-02 02:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2019-04-09 20:20 - 2019-04-02 02:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2019-04-09 20:20 - 2019-04-02 02:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2019-04-09 20:20 - 2019-04-02 01:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2019-04-09 20:20 - 2019-04-01 23:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2019-04-09 20:20 - 2019-04-01 22:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2019-04-09 20:20 - 2019-04-01 22:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2019-04-09 20:20 - 2019-03-14 02:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2019-04-09 20:19 - 2019-04-02 06:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2019-04-09 20:19 - 2019-04-02 06:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2019-04-09 20:19 - 2019-04-02 06:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2019-04-09 20:19 - 2019-04-02 06:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2019-04-09 20:19 - 2019-04-02 06:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2019-04-09 20:19 - 2019-04-02 06:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
    2019-04-09 20:19 - 2019-04-02 06:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
    2019-04-09 20:19 - 2019-04-02 06:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
    2019-04-09 20:19 - 2019-04-02 06:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2019-04-09 20:19 - 2019-04-02 06:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2019-04-09 20:19 - 2019-04-02 06:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
    2019-04-09 20:19 - 2019-04-02 06:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2019-04-09 20:19 - 2019-04-02 06:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2019-04-09 20:19 - 2019-04-02 06:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2019-04-09 20:19 - 2019-04-02 06:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
    2019-04-09 20:19 - 2019-04-02 06:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
    2019-04-09 20:19 - 2019-04-02 03:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2019-04-09 20:19 - 2019-04-02 03:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2019-04-09 20:19 - 2019-04-02 03:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2019-04-09 20:19 - 2019-04-02 03:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
    2019-04-09 20:19 - 2019-04-02 03:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
    2019-04-09 20:19 - 2019-04-02 03:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2019-04-09 20:19 - 2019-04-02 03:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2019-04-09 20:19 - 2019-04-02 03:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2019-04-09 20:19 - 2019-04-02 03:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2019-04-09 20:19 - 2019-04-02 02:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2019-04-09 20:19 - 2019-04-02 02:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2019-04-09 20:19 - 2019-04-02 02:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2019-04-09 20:19 - 2019-04-02 02:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2019-04-09 20:19 - 2019-04-02 02:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2019-04-09 20:19 - 2019-04-02 02:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2019-04-09 20:19 - 2019-04-02 02:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2019-04-09 20:19 - 2019-04-02 02:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2019-04-09 20:19 - 2019-04-02 02:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2019-04-09 20:19 - 2019-04-02 02:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2019-04-09 20:19 - 2019-04-02 02:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2019-04-09 20:19 - 2019-04-02 02:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2019-04-09 20:19 - 2019-04-02 02:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
    2019-04-09 20:19 - 2019-04-02 02:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
    2019-04-09 20:19 - 2019-04-02 01:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2019-04-09 20:19 - 2019-04-02 01:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2019-04-09 20:19 - 2019-04-02 01:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2019-04-09 20:19 - 2019-04-02 01:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2019-04-09 20:19 - 2019-04-02 01:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
    2019-04-09 20:19 - 2019-04-02 01:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2019-04-09 20:19 - 2019-04-02 01:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2019-04-09 20:19 - 2019-04-02 01:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
    2019-04-09 20:19 - 2019-04-02 01:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2019-04-09 20:19 - 2019-04-02 01:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
    2019-04-09 20:19 - 2019-04-02 01:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2019-04-09 20:19 - 2019-04-02 01:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2019-04-09 20:19 - 2019-04-02 01:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2019-04-09 20:19 - 2019-04-02 01:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2019-04-09 20:19 - 2019-04-02 01:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
    2019-04-09 20:19 - 2019-04-02 01:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
    2019-04-09 20:19 - 2019-04-02 01:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2019-04-09 20:19 - 2019-04-02 00:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
    2019-04-09 20:19 - 2019-04-01 23:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2019-04-09 20:19 - 2019-04-01 23:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
    2019-04-09 20:19 - 2019-04-01 23:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
    2019-04-09 20:19 - 2019-04-01 23:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2019-04-09 20:19 - 2019-04-01 22:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2019-04-09 20:19 - 2019-04-01 22:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2019-04-09 20:19 - 2019-04-01 22:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2019-04-09 20:19 - 2019-04-01 22:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
    2019-04-09 20:19 - 2019-04-01 22:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
    2019-04-09 20:19 - 2019-04-01 22:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
    2019-04-09 20:19 - 2019-04-01 22:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2019-04-09 20:19 - 2019-04-01 22:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
    2019-04-09 20:19 - 2019-04-01 22:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2019-04-09 20:19 - 2019-03-16 06:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
    2019-04-09 20:19 - 2019-03-16 03:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
    2019-04-09 20:19 - 2019-03-14 08:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2019-04-09 20:19 - 2019-03-14 08:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
    2019-04-09 20:19 - 2019-03-14 08:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
    2019-04-09 20:19 - 2019-03-14 08:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
    2019-04-09 20:19 - 2019-03-14 08:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
    2019-04-09 20:19 - 2019-03-14 08:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
    2019-04-09 20:19 - 2019-03-14 08:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
    2019-04-09 20:19 - 2019-03-14 08:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
    2019-04-09 20:19 - 2019-03-14 08:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
    2019-04-09 20:19 - 2019-03-14 08:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2019-04-09 20:19 - 2019-03-14 08:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
    2019-04-09 20:19 - 2019-03-14 08:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
    2019-04-09 20:19 - 2019-03-14 08:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2019-04-09 20:19 - 2019-03-14 07:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
    2019-04-09 20:19 - 2019-03-14 07:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
    2019-04-09 20:19 - 2019-03-14 07:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
    2019-04-09 20:19 - 2019-03-14 07:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
    2019-04-09 20:19 - 2019-03-14 07:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
    2019-04-09 20:19 - 2019-03-14 07:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
    2019-04-09 20:19 - 2019-03-14 02:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2019-04-09 20:19 - 2019-03-14 02:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2019-04-09 20:19 - 2019-03-14 02:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2019-04-09 20:19 - 2019-03-14 02:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
    2019-04-09 20:19 - 2019-03-14 02:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2019-04-09 20:19 - 2019-03-14 02:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2019-04-09 20:19 - 2019-03-14 02:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
    2019-04-09 20:19 - 2019-03-14 02:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
    2019-04-09 20:19 - 2019-03-14 02:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2019-04-09 20:19 - 2019-03-14 02:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
    2019-04-09 20:19 - 2019-03-14 02:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2019-04-09 20:19 - 2019-03-14 02:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2019-04-09 20:19 - 2019-03-14 02:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2019-04-09 20:19 - 2019-03-14 02:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2019-04-09 20:19 - 2019-03-14 02:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2019-04-09 20:19 - 2019-03-14 02:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
    2019-04-09 20:19 - 2019-03-14 02:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2019-04-09 20:19 - 2019-03-14 02:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
    2019-04-09 20:19 - 2019-03-14 02:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
    2019-04-09 20:19 - 2019-03-14 02:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2019-04-09 20:19 - 2019-03-14 02:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2019-04-09 20:19 - 2019-03-14 02:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2019-04-09 20:19 - 2019-03-14 02:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2019-04-09 20:19 - 2019-03-14 02:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2019-04-09 20:19 - 2019-03-14 02:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
    2019-04-09 20:19 - 2019-03-14 02:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
    2019-04-09 20:19 - 2019-03-14 02:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2019-04-09 20:19 - 2019-03-14 02:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2019-04-09 20:19 - 2019-03-14 02:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2019-04-09 20:19 - 2019-03-14 02:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
    2019-04-09 20:19 - 2019-03-14 02:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
    2019-04-09 20:19 - 2019-03-14 02:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
    2019-04-09 20:19 - 2019-03-14 02:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
    2019-04-09 20:19 - 2019-03-14 02:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2019-04-09 20:19 - 2019-03-14 02:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2019-04-09 20:19 - 2019-03-14 02:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2019-04-09 20:19 - 2019-03-14 02:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
    2019-04-09 20:19 - 2019-03-14 02:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
    2019-04-09 20:19 - 2019-03-14 02:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
    2019-04-09 20:19 - 2019-03-14 02:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2019-04-09 20:19 - 2019-03-14 02:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2019-04-09 20:19 - 2019-03-14 02:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
    2019-04-09 20:19 - 2019-03-14 02:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2019-04-09 20:19 - 2019-03-14 02:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
    2019-04-09 20:19 - 2019-03-14 02:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2019-04-09 20:19 - 2019-03-14 02:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
    2019-04-09 20:19 - 2019-03-14 02:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2019-04-09 20:19 - 2019-03-14 02:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2019-04-09 20:19 - 2019-03-14 02:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
    2019-04-09 20:19 - 2019-03-14 02:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2019-04-09 20:19 - 2019-03-14 01:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2019-04-09 20:19 - 2019-03-14 01:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
    2019-04-09 20:19 - 2019-03-14 01:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
    2019-04-09 20:19 - 2019-03-14 01:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2019-04-09 20:19 - 2019-03-14 01:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
    2019-04-09 20:19 - 2019-03-14 01:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2019-04-09 20:19 - 2019-03-14 01:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2019-04-09 20:19 - 2019-03-14 01:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
    2019-04-09 20:19 - 2019-03-14 01:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
    2019-04-09 20:19 - 2019-03-14 01:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2019-04-09 20:19 - 2019-03-14 01:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
    2019-04-09 20:19 - 2019-03-14 01:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2019-04-09 20:19 - 2019-03-14 01:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2019-04-09 20:19 - 2019-03-14 01:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
    2019-04-09 20:19 - 2019-03-14 01:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
    2019-04-09 20:19 - 2019-03-14 01:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
    2019-04-09 20:19 - 2019-03-14 01:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
    2019-04-09 20:19 - 2019-03-14 01:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
    2019-04-09 20:19 - 2019-03-14 01:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
    2019-04-09 20:19 - 2019-03-14 01:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
    2019-04-09 20:19 - 2019-03-14 01:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
    2019-04-09 20:19 - 2019-03-14 01:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2019-04-09 20:19 - 2019-03-14 01:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2019-04-09 20:19 - 2019-03-14 01:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
    2019-04-09 20:19 - 2019-03-14 01:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2019-04-09 20:19 - 2019-03-14 01:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2019-04-09 20:19 - 2019-03-14 01:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
    2019-04-09 20:19 - 2019-03-14 01:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
    2019-04-09 20:19 - 2019-03-14 01:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
    2019-04-09 20:19 - 2019-03-14 01:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
    2019-04-09 20:19 - 2019-03-14 01:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
    2019-04-09 20:19 - 2019-03-14 01:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2019-04-09 20:19 - 2019-03-14 01:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2019-04-09 20:19 - 2019-03-14 01:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2019-04-09 20:19 - 2019-03-14 01:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
    2019-04-09 20:19 - 2019-03-14 01:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2019-04-09 20:19 - 2019-03-14 01:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
    2019-04-09 20:19 - 2019-03-14 01:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
    2019-04-09 20:19 - 2019-03-14 01:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
    2019-04-09 20:19 - 2019-03-14 01:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2019-04-09 20:19 - 2019-03-14 01:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2019-04-09 20:19 - 2019-03-14 01:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
    2019-04-09 20:19 - 2019-03-14 01:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2019-04-09 20:19 - 2019-03-14 01:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2019-04-09 20:19 - 2019-03-14 01:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2019-04-09 20:19 - 2019-03-14 01:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2019-04-09 20:19 - 2019-03-14 01:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
    2019-04-09 20:19 - 2019-03-14 01:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2019-04-09 20:19 - 2019-03-14 01:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2019-04-09 20:19 - 2019-03-14 01:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2019-04-09 20:19 - 2019-03-14 01:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2019-04-09 20:19 - 2019-03-13 19:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2019-04-09 20:19 - 2019-03-13 19:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
    2019-04-09 20:19 - 2019-03-13 19:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
    2019-04-09 20:19 - 2019-03-13 19:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
    2019-04-09 20:19 - 2019-03-13 19:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
    2019-04-09 19:22 - 2019-04-09 19:22 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC 2019.lnk
    2019-04-03 19:39 - 2019-04-03 19:39 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2019.lnk
    2019-04-03 19:16 - 2019-04-18 08:35 - 000536752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2019-04-03 16:46 - 2019-04-03 16:46 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2019.lnk
    2019-04-03 16:13 - 2019-04-03 16:13 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver 2019.lnk
    2019-04-02 08:55 - 2019-04-02 08:55 - 000000000 ____D C:\Users\Anderson\Downloads\Charlemagne Std Bold
    2019-04-02 08:54 - 2019-04-02 08:54 - 000041234 _____ C:\Users\Anderson\Downloads\Charlemagne Std Bold.zip
    2019-03-31 16:00 - 2019-03-31 16:00 - 000002205 _____ C:\Users\Public\Desktop\Carbonite.lnk
    2019-03-31 16:00 - 2019-03-31 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
    2019-03-29 12:51 - 2019-03-29 12:52 - 000671175 _____ C:\Users\Anderson\Downloads\Compare.products.3985_AquaticBlue.1559_LightBlue.625_IndigoBlue.4814_DeepRoyal.pdf

    ==================== One month (modified) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-04-27 15:41 - 2018-04-11 17:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2019-04-27 15:21 - 2016-11-17 15:05 - 000000000 ____D C:\Users\Anderson\AppData\LocalLow\Mozilla
    2019-04-27 14:59 - 2018-06-10 18:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2019-04-27 14:28 - 2018-09-15 03:43 - 000000000 ___HD C:\$WINDOWS.~BT
    2019-04-27 13:01 - 2016-11-19 10:42 - 000000000 ___RD C:\Users\Anderson\Creative Cloud Files
    2019-04-27 13:01 - 2016-11-19 09:39 - 000000000 ____D C:\Users\Anderson\AppData\Local\Adobe
    2019-04-27 12:59 - 2016-11-23 21:36 - 000000000 ___RD C:\Users\Anderson\iCloudDrive
    2019-04-27 12:59 - 2016-11-16 16:23 - 000000000 ___RD C:\Users\Anderson\OneDrive
    2019-04-27 12:57 - 2019-01-04 16:30 - 000000000 ____D C:\Users\Anderson\AppData\Roaming\Wise Care 365
    2019-04-27 12:53 - 2018-06-10 18:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2019-04-27 12:52 - 2018-04-11 15:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2019-04-27 12:29 - 2018-11-29 19:48 - 000000000 ___HD C:\Users\Anderson\Desktop\.tmp.drivedownload
    2019-04-27 12:20 - 2018-06-10 18:58 - 000004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{493FC8D2-69E7-40AB-95DA-49319A6166A1}
    2019-04-27 12:05 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\AppReadiness
    2019-04-27 12:01 - 2017-10-17 09:01 - 000000684 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-117299934-2116951884-1989845370-1001.job
    2019-04-27 12:01 - 2017-10-17 09:01 - 000000588 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-117299934-2116951884-1989845370-1001.job
    2019-04-27 11:47 - 2018-06-04 21:45 - 000000000 ___DC C:\WINDOWS\Panther
    2019-04-26 23:37 - 2018-06-10 18:58 - 000003858 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-117299934-2116951884-1989845370-1001
    2019-04-26 23:37 - 2018-06-10 18:58 - 000003762 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-117299934-2116951884-1989845370-1001
    2019-04-26 23:37 - 2017-10-17 09:01 - 000000000 ____D C:\Users\Anderson\AppData\Local\GoToMeeting
    2019-04-26 20:59 - 2018-02-15 20:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
    2019-04-26 20:54 - 2018-04-11 17:38 - 000000000 ___HD C:\Program Files\WindowsApps
    2019-04-25 23:22 - 2017-02-12 21:57 - 000000000 ____D C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
    2019-04-25 23:12 - 2018-06-23 14:45 - 000000000 ____D C:\Users\Anderson\AppData\Local\CrashDumps
    2019-04-25 22:12 - 2018-06-10 18:21 - 000000000 ____D C:\Users\defaultuser0
    2019-04-25 22:11 - 2018-06-10 18:21 - 000000000 ____D C:\Users\Anderson
    2019-04-25 21:34 - 2017-07-18 11:57 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
    2019-04-25 21:28 - 2016-11-16 16:19 - 000000000 ____D C:\Users\Anderson\AppData\Local\VirtualStore
    2019-04-25 17:41 - 2017-01-10 15:11 - 000000000 ____D C:\Program Files (x86)\Dropbox
    2019-04-24 21:59 - 2019-01-08 18:05 - 000000000 ____D C:\Users\Anderson\Desktop\Emily
    2019-04-24 21:48 - 2017-12-21 23:52 - 000000000 ____D C:\Users\Anderson\AppData\Local\Packages
    2019-04-24 15:10 - 2018-04-11 17:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2019-04-23 21:16 - 2018-12-26 22:13 - 000463408 _____ C:\WINDOWS\SysWOW64\postscript.ps
    2019-04-20 17:36 - 2018-12-26 20:16 - 000000955 _____ C:\WINDOWS\Tasks\EPSON SC-P800 Series Update {9AFB6BBE-2199-4C1C-ACD5-97579F84012E}.job
    2019-04-20 17:36 - 2017-01-10 15:11 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
    2019-04-20 17:36 - 2017-01-10 15:11 - 000000940 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
    2019-04-20 16:41 - 2019-01-24 21:12 - 000003590 _____ C:\WINDOWS\System32\Tasks\Wise Care 365 PC Checkup Task
    2019-04-20 16:41 - 2019-01-04 17:03 - 000003066 _____ C:\WINDOWS\System32\Tasks\Wise Care 365.job
    2019-04-20 16:41 - 2018-12-26 20:16 - 000003508 _____ C:\WINDOWS\System32\Tasks\EPSON SC-P800 Series Update {9AFB6BBE-2199-4C1C-ACD5-97579F84012E}
    2019-04-20 16:41 - 2018-09-12 09:21 - 000002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
    2019-04-20 16:41 - 2018-06-10 18:58 - 000007586 _____ C:\WINDOWS\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
    2019-04-20 16:41 - 2018-06-10 18:58 - 000003750 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
    2019-04-20 16:41 - 2018-06-10 18:58 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2019-04-20 16:41 - 2018-06-10 18:58 - 000003458 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
    2019-04-20 16:41 - 2018-06-10 18:58 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2019-04-20 16:41 - 2018-06-10 18:58 - 000003278 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2019-04-20 16:41 - 2018-06-10 18:58 - 000003234 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
    2019-04-20 16:41 - 2018-06-10 18:58 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2019-04-20 16:41 - 2018-06-10 18:58 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-117299934-2116951884-1989845370-1001
    2019-04-20 16:41 - 2018-06-10 18:58 - 000002850 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-stefanierase@msn.com
    2019-04-20 16:41 - 2018-06-10 18:58 - 000002804 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-stefanierase@msn.com
    2019-04-20 16:41 - 2018-06-10 18:58 - 000002778 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-7MH20NA-Anderson
    2019-04-20 16:41 - 2018-06-10 18:58 - 000002642 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
    2019-04-20 16:41 - 2018-06-10 18:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
    2019-04-20 11:15 - 2018-04-11 17:30 - 000000000 ____D C:\WINDOWS\CbsTemp
    2019-04-20 11:01 - 2018-12-24 15:52 - 000004286 _____ C:\WINDOWS\System32\Tasks\Avast Cleanup Update
    2019-04-20 10:17 - 2018-06-10 18:58 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
    2019-04-18 13:48 - 2018-11-25 22:56 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
    2019-04-18 13:48 - 2018-11-25 22:56 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
    2019-04-18 13:48 - 2018-11-25 22:56 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
    2019-04-18 13:48 - 2018-11-25 22:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
    2019-04-18 09:00 - 2016-11-17 22:15 - 000000000 ___RD C:\Users\Anderson\Dropbox
    2019-04-18 08:56 - 2017-07-18 11:16 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
    2019-04-18 08:37 - 2018-04-11 17:36 - 000000000 ____D C:\WINDOWS\INF
    2019-04-18 08:31 - 2018-04-11 17:38 - 000000000 ___RD C:\Program Files\Windows Defender
    2019-04-18 08:31 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\TextInput
    2019-04-18 08:31 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\bcastdvr
    2019-04-18 08:20 - 2016-11-17 15:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2019-04-16 17:14 - 2017-07-18 11:16 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
    2019-04-16 17:12 - 2019-02-13 04:05 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
    2019-04-16 17:12 - 2019-01-14 09:11 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
    2019-04-16 17:12 - 2019-01-04 13:07 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
    2019-04-16 17:12 - 2019-01-04 13:07 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
    2019-04-16 17:12 - 2019-01-04 13:07 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
    2019-04-16 17:12 - 2019-01-04 13:07 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
    2019-04-16 17:12 - 2018-10-10 05:00 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
    2019-04-16 17:12 - 2017-11-16 19:41 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
    2019-04-16 17:12 - 2017-07-18 11:16 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
    2019-04-16 17:12 - 2017-07-18 11:16 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
    2019-04-16 17:12 - 2017-07-18 11:16 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
    2019-04-16 17:12 - 2017-07-18 11:16 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2019-04-16 17:12 - 2017-07-18 11:16 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2019-04-14 20:32 - 2016-11-17 15:05 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
    2019-04-12 20:28 - 2018-06-10 18:21 - 000002372 _____ C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2019-04-11 17:03 - 2018-05-16 21:35 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
    2019-04-11 17:03 - 2018-05-16 21:35 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
    2019-04-11 15:55 - 2017-07-18 11:17 - 000000000 ____D C:\Users\Anderson\AppData\Roaming\AVAST Software
    2019-04-11 11:47 - 2016-11-17 10:48 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2019-04-11 11:47 - 2016-11-17 10:48 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2019-04-11 10:02 - 2016-11-17 10:51 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2019-04-09 20:17 - 2016-11-16 18:14 - 000000000 ____D C:\WINDOWS\system32\MRT
    2019-04-09 20:01 - 2016-11-16 18:14 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2019-04-09 19:22 - 2019-03-17 02:02 - 000000000 ___HD C:\adobeTemp
    2019-04-09 07:54 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2019-04-09 07:54 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2019-04-05 17:51 - 2018-11-15 20:12 - 000000000 ____D C:\Program Files\rempl
    2019-04-04 19:14 - 2018-06-10 18:38 - 000793700 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2019-04-03 19:52 - 2016-11-17 10:49 - 000000000 ____D C:\ProgramData\Adobe
    2019-04-03 19:39 - 2016-11-19 10:53 - 000000000 ____D C:\Program Files\Common Files\Adobe
    2019-04-03 19:16 - 2018-02-03 17:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
    2019-04-03 18:20 - 2016-11-17 22:05 - 000000000 ____D C:\Users\Anderson\Desktop\Stefanie
    2019-04-03 16:46 - 2016-11-19 10:45 - 000000000 ____D C:\Program Files\Adobe
    2019-04-03 16:26 - 2016-11-17 22:04 - 000000000 ____D C:\Users\Anderson\Desktop\Old Firefox Data
    2019-04-03 14:10 - 2013-10-11 14:16 - 000007934 _____ C:\Users\Anderson\Documents\Whole Wheat Bread recipe.odt
    2019-04-01 11:51 - 2018-08-15 16:34 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2019-04-01 11:51 - 2018-08-15 16:34 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2019-03-30 20:00 - 2016-11-30 16:56 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
    2019-03-29 12:22 - 2018-02-06 20:33 - 000000000 ____D C:\Users\Anderson\AppData\Local\CutePDF Writer

    ==================== Files in the root of some directories =======

    2016-01-10 17:16 - 2016-04-16 19:57 - 000000122 _____ () C:\Users\Anderson\jobq.dat
    2016-11-19 11:04 - 2018-12-31 21:31 - 000000033 _____ () C:\Users\Anderson\AppData\Roaming\AdobeWLCMCache.dat
    2018-07-04 00:13 - 2018-07-30 20:35 - 000000028 _____ () C:\Users\Anderson\AppData\Roaming\kulerdata.json
    2018-09-26 17:05 - 2018-09-26 17:05 - 000000000 _____ () C:\Users\Anderson\AppData\Local\oobelibMkey.log
    2018-07-28 22:54 - 2018-08-01 00:11 - 000000600 _____ () C:\Users\Anderson\AppData\Local\PUTTY.RND

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.04.2019
    Ran by Anderson (27-04-2019 15:50:04)
    Running from C:\Users\Anderson\Downloads
    Windows 10 Home Version 1803 17134.706 (X64) (2018-06-11 00:59:46)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-117299934-2116951884-1989845370-500 - Administrator - Disabled)
    Anderson (S-1-5-21-117299934-2116951884-1989845370-1001 - Administrator - Enabled) => C:\Users\Anderson
    DefaultAccount (S-1-5-21-117299934-2116951884-1989845370-503 - Limited - Disabled)
    defaultuser0 (S-1-5-21-117299934-2116951884-1989845370-1000 - Limited - Disabled) => C:\Users\defaultuser0
    Guest (S-1-5-21-117299934-2116951884-1989845370-501 - Limited - Disabled)
    WDAGUtilityAccount (S-1-5-21-117299934-2116951884-1989845370-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
    AccuRIP (HKLM-x32\...\AccuRIP) (Version: 1.05.051 - Fawkes Engineering / Freehand Graphics)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
    Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
    Adobe Bridge CC 2019 (HKLM-x32\...\KBRG_9_0_3) (Version: 9.0.3 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.1.435 - Adobe Systems Incorporated)
    Adobe Dreamweaver 2019 (HKLM-x32\...\DRWV_19_1) (Version: 19.1 - Adobe Systems Incorporated)
    Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_5_0) (Version: 17.5.0 - Adobe Systems Incorporated)
    Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
    Adobe Illustrator 2019 (HKLM-x32\...\ILST_23_0_3) (Version: 23.0.3 - Adobe Systems Incorporated)
    Adobe InDesign 2019 (HKLM-x32\...\IDSN_14_0_2) (Version: 14.0.2 - Adobe Systems Incorporated)
    Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_1_0) (Version: 12.1.0 - Adobe Systems Incorporated)
    Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_6) (Version: 18.1.6 - Adobe Systems Incorporated)
    Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
    AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
    Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
    Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7102 - AVAST Software)
    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
    Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 73.0.1258.86 - AVAST Software)
    Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.9.626 - AVG Technologies)
    Backup and Sync from Google (HKLM\...\{F9EEDE46-6409-4ECC-8AB6-7062464987A4}) (Version: 3.43.4275.9540 - Google, Inc.)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Carbonite (HKLM-x32\...\{129A37E4-7280-429B-B2C6-FF2EA057F239}) (Version: 6.3.4 build 7957 (Feb-08-2019) - Carbonite)
    CutePDF Writer 3.2 (HKLM\...\CutePDF Writer Installation) (Version: 3.2 - Acro Software Inc.)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 71.4.108 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
    EPSON SC-P800 Series Printer Uninstall (HKLM\...\EPSON SC-P800 Series) (Version: - SEIKO EPSON Corporation)
    Epson Software Updater (HKLM-x32\...\{60A3CB9F-4429-4C7A-AA97-77CC4FE10671}) (Version: 4.4.9 - Seiko Epson Corporation)
    Epson SureColor P800 Guide version 1.0 (HKLM-x32\...\UsersGuideEpson SureColor P800 Guide_is1) (Version: 1.0 - )
    EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
    FileZilla Client 3.35.1 (HKLM-x32\...\FileZilla Client) (Version: 3.35.1 - Tim Kosse)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
    GoTo Opener (HKLM-x32\...\{351B54B2-1AFC-42A7-A8C0-9E05C26F0D1E}) (Version: 1.0.470 - LogMeIn, Inc.)
    GoToMeeting 8.44.0.12814 (HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\GoToMeeting) (Version: 8.44.0.12814 - LogMeIn, Inc.)
    iCloud (HKLM\...\{5FEE6A85-BB93-49AB-8927-F1D780BB6727}) (Version: 7.8.0.7 - Apple Inc.)
    iTunes (HKLM\...\{DF90B2B3-5832-4E85-934D-8048B33A1D67}) (Version: 12.9.4.102 - Apple Inc.)
    Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
    Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11425.20244 - Microsoft Corporation)
    Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
    Mozilla Firefox 66.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 66.0.3 (x64 en-US)) (Version: 66.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.3.7038 - Mozilla)
    Mozilla Thunderbird 60.6.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 60.6.1 (x86 en-US)) (Version: 60.6.1 - Mozilla)
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
    OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
    Shrink Pic (remove) (HKLM-x32\...\Shrink Pic) (Version: - )
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Wise Care 365 5.2.3 (HKLM-x32\...\Wise Care 365_is1) (Version: 5.2.3 - WiseCleaner.com, Inc.)
    Zoom (HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-0CD4C1AB600E} -> [Creative Cloud Files] => C:\Users\Anderson\Creative Cloud Files [2016-11-19 10:42]
    CustomCLSID: HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Anderson\AppData\Local\GoToMeeting\7716\G2MOutlookAddin64.dll => No File
    CustomCLSID: HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Anderson\Dropbox [2016-11-17 22:15]
    CustomCLSID: HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
    ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
    ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
    ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-10-01] (Apple Inc. -> Apple Inc.)
    ContextMenuHandlers2: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers4: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Camera (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3" --app-id=hfhhnacclhffhdffklopdkcgdhifgngh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Camera (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5" --app-id=hfhhnacclhffhdffklopdkcgdhifgngh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Camera (3).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6" --app-id=hfhhnacclhffhdffklopdkcgdhifgngh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Camera (4).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 20" --app-id=hfhhnacclhffhdffklopdkcgdhifgngh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Camera (5).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 29" --app-id=hfhhnacclhffhdffklopdkcgdhifgngh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Camera.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2" --app-id=hfhhnacclhffhdffklopdkcgdhifgngh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning (3).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning (4).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 11" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning (5).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 20" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning (6).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 29" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady (3).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady (4).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 11" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady (5).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 20" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady (6).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 29" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
    ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f04b99502c311012\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 44"

    ==================== Loaded Modules (Whitelisted) ==============

    2015-06-17 17:44 - 2015-06-17 17:44 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
    2015-08-21 22:09 - 2015-08-21 22:09 - 000344064 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    2013-11-15 00:47 - 2013-11-15 00:47 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
    2013-11-15 00:47 - 2013-11-15 00:47 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
    2009-05-04 10:20 - 2009-05-04 10:20 - 002528256 _____ () [File not signed] C:\Program Files (x86)\Shrink Pic\shrink_pic.exe
    2019-04-20 10:43 - 2019-04-20 10:43 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM\23e628c030049e8c0d07b78014827e03\MOM.ni.exe
    2019-04-20 10:43 - 2019-04-20 10:43 - 000391680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\b9a7ad5a9068b811513115f9cd8ac80c\MOM.Implementation.ni.dll
    2019-04-20 10:35 - 2019-04-20 10:35 - 000132096 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\979eb55a8120ba4af26bd1bf0642add0\LOG.Foundation.ni.dll
    2019-04-20 10:35 - 2019-04-20 10:35 - 000146432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\bbcea7b238ee69121b9934586a52065e\LOG.Foundation.Private.ni.dll
    2019-04-20 10:42 - 2019-04-20 10:42 - 000289792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\e7f5483b1646e6fa2a1fcd4b9308b10e\LOG.Foundation.Implementation.ni.dll
    2019-04-20 10:36 - 2019-04-20 10:36 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\7effe05a6141dfb29f8fdd26abf02623\MOM.Foundation.ni.dll
    2019-04-20 10:36 - 2019-04-20 10:36 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\a093d75ad676040ac1e079648e72e0c3\LOG.Foundation.Implementation.Private.ni.dll
    2019-04-20 10:36 - 2019-04-20 10:36 - 000199168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\0058a791ec0f65262c2200c265488e85\CCC.Implementation.ni.dll
    2019-04-27 12:57 - 2019-04-27 12:57 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\python27.dll
    2019-04-27 12:57 - 2019-04-27 12:57 - 000113664 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_ctypes.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 000080896 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\bz2.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 001792512 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_hashlib.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000128512 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32api.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000137728 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\pywintypes27.dll
    2019-04-27 12:57 - 2019-04-27 12:58 - 000548864 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\pythoncom27.dll
    2019-04-27 12:58 - 2019-04-27 12:58 - 000689664 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\unicodedata.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000438784 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32com.shell.shell.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 001489408 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wx._core_.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wxbase30u_net_vc90_x64.dll
    2019-04-27 12:58 - 2019-04-27 12:58 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wxbase30u_vc90_x64.dll
    2019-04-27 12:58 - 2019-04-27 12:58 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wxmsw30u_adv_vc90_x64.dll
    2019-04-27 12:58 - 2019-04-27 12:58 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wxmsw30u_core_vc90_x64.dll
    2019-04-27 12:58 - 2019-04-27 12:58 - 001007104 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wx._gdi_.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 001039872 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wx._windows_.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wxmsw30u_html_vc90_x64.dll
    2019-04-27 12:58 - 2019-04-27 12:58 - 001325056 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wx._controls_.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000916992 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wx._misc_.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 001084416 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\pysqlite2._sqlite.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000149504 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32file.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000136192 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32security.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 000007680 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\hashobjs_ext.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000020992 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\thumbnails_ext.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000118784 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\usb_ext.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 000047616 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_socket.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 002224640 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_ssl.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 000014848 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\common.time34.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000023040 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32event.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000034304 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\windows.conditional.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000020480 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\windows.winwrap.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000110080 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\windows.volumes.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000223232 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32gui.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 000173568 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_elementtree.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 000169472 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\pyexpat.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000048128 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32inet.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000103424 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wx._html2.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wxmsw30u_webview_vc90_x64.dll
    2019-04-27 12:57 - 2019-04-27 12:57 - 000046080 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_psutil_windows.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000011776 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32crypt.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 000301568 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\PIL._imaging.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 000032256 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_multiprocessing.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 005752320 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\cello.pyd
    2019-04-27 12:57 - 2019-04-27 12:57 - 000026112 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_yappi.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000044032 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32process.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000027648 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32pipe.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000010752 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\select.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000029696 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32pdh.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000038400 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\windows.connectivity.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000073216 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\windows.device_monitor.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000020480 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32profile.pyd
    2019-04-27 12:58 - 2019-04-27 12:58 - 000026624 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32ts.pyd
    2019-04-20 10:36 - 2019-04-20 10:36 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC\e1637f1318b74f4cee52c3e29f211730\CCC.ni.exe
    2019-04-20 10:36 - 2019-04-20 10:36 - 000295424 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\2ea0fe37993a3a70a0e1b16d28845d10\CLI.Foundation.ni.dll
    2017-06-27 22:25 - 2017-06-27 22:25 - 004452352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5Widgets.dll
    2017-06-27 22:19 - 2017-06-27 22:19 - 004960256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5Gui.dll
    2017-06-27 22:12 - 2017-06-27 22:12 - 000150528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5Xml.dll
    2017-06-27 22:18 - 2017-06-27 22:18 - 000952320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5Network.dll
    2018-12-10 19:32 - 2018-12-10 19:32 - 004763136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5Core.dll
    2017-06-27 22:13 - 2017-06-27 22:13 - 000155648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5Sql.dll
    2018-12-10 19:16 - 2018-12-10 19:16 - 000064000 _____ () [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\plugins\HalftonerAmFm.dll
    2018-12-10 19:16 - 2018-12-10 19:16 - 000117760 _____ () [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\plugins\HalftonerJawsAm.dll
    2017-06-27 22:26 - 2017-06-27 22:26 - 000267264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5PrintSupport.dll
    2018-12-10 19:18 - 2018-12-10 19:18 - 000060928 _____ () [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\plugins\OutputerWin32.dll
    2018-12-10 19:17 - 2018-12-10 19:17 - 000109568 _____ () [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\plugins\PrinterCanon.dll
    2018-12-10 19:17 - 2018-12-10 19:17 - 000281600 _____ () [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\plugins\PrinterEpson.dll
    2018-12-10 19:17 - 2018-12-10 19:17 - 000055808 _____ () [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\plugins\PrinterRyonetDts.dll
    2017-06-27 22:30 - 2017-06-27 22:30 - 000829440 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\sqldrivers\qsqlite.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
    2019-04-24 15:10 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
    2009-05-04 09:24 - 2009-05-04 09:24 - 000187392 _____ () [File not signed] C:\Program Files (x86)\Shrink Pic\shrinkpici.dll
    2018-12-24 15:51 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\sharepoint.com -> hxxps://studentssnow-files.sharepoint.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2016-07-16 05:47 - 2019-01-04 04:56 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_5CAF00AE0FF87E34AC799D4A843F69A7"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{85BA9908-75E8-42EA-83E1-F381CFA7759C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [UDP Query User{518A9C96-C376-4A0C-9A3E-7ED185E9BA93}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{B738EC9B-E3CE-4424-93F8-01F898CBDF96}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [UDP Query User{16C66ED8-C19A-4E8C-BF42-7D47A2B35C2C}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
    FirewallRules: [TCP Query User{489DE0AA-9C13-44B6-97DD-C6D31152AA9D}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
    FirewallRules: [UDP Query User{A419D628-C581-45E6-BE60-FC38CAB2E122}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
    FirewallRules: [TCP Query User{A4410F06-749E-424E-895D-17E0ADF6B4F7}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
    FirewallRules: [{C330F7C4-CC81-48FB-91AD-1DD4DEA708FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{831AB0F0-77EF-49E5-A641-40251FC229D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{7656BEF3-351D-4810-973C-B304A1A1B853}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{86E447D0-1E7A-4F80-B3A4-BCF4B934DB24}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{51C454E5-EFC1-4518-AE9A-474C70A04CEB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{6825A35E-E4F2-4237-9BF1-A6552CB44260}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{5A3B9A24-ED6C-4992-907A-22F99BF8BAA4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{C5E18A03-55A4-4364-A3AD-3619805E9057}] => (Allow) C:\Program Files\Adobe\Adobe Dreamweaver CC 2017\Dreamweaver.exe (Adobe Systems Incorporated -> Adobe Systems, Inc.)
    FirewallRules: [{28ED60FA-7C71-436A-956A-CCE88EC779FD}] => (Allow) C:\Program Files\Adobe\Adobe Dreamweaver CC 2017\Dreamweaver.exe (Adobe Systems Incorporated -> Adobe Systems, Inc.)
    FirewallRules: [{827176E0-6361-46D0-8F7E-A0860FA44268}] => (Allow) C:\Program Files\Adobe\Adobe Dreamweaver CC 2017\Dreamweaver.exe (Adobe Systems Incorporated -> Adobe Systems, Inc.)
    FirewallRules: [{2F3FAF2B-3037-45D8-BE72-624D3E28A8B1}] => (Allow) C:\Program Files\Adobe\Adobe Dreamweaver CC 2017\Dreamweaver.exe (Adobe Systems Incorporated -> Adobe Systems, Inc.)
    FirewallRules: [{0E359C0E-7B8C-4A75-9701-FA20ACAC120C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{96C1D474-A642-480B-ABF1-C47E359778FE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{E0937DBA-0490-498E-84E1-107E85C9FFCE}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
    FirewallRules: [{41D1FA0E-DBDC-4573-A897-E560E5DA0CBD}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
    FirewallRules: [{CA681EF9-A38A-41D9-A047-58F07715030D}] => (Allow) C:\Program Files (x86)\Fawkes Engineering\AccuRIP\AccuRIP.exe (Fawkes Engineering, Inc. -> Fawkes Engineering Inc)
    FirewallRules: [{A56FE2FB-D59C-4714-9A39-9971807C5C12}] => (Allow) C:\Program Files (x86)\Fawkes Engineering\AccuRIP\RipCore.exe (Fawkes Engineering, Inc. -> )
    FirewallRules: [TCP Query User{DE92719E-24AE-4D52-9EAD-AB6B3889E9D0}C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe (Adobe Inc. -> Node.js)
    FirewallRules: [UDP Query User{BF31F9EE-5ACF-44D1-A9B9-933D94A84FC5}C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe (Adobe Inc. -> Node.js)
    FirewallRules: [TCP Query User{1C85C3EA-5637-46A5-8429-AE5EFFB4BDAA}C:\program files\adobe\adobe dreamweaver cc 2019\dreamweaver.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2019\dreamweaver.exe (Adobe Inc. -> Adobe Inc.)
    FirewallRules: [UDP Query User{C4E2FE97-D3FF-4E0D-81CE-12260D012DA0}C:\program files\adobe\adobe dreamweaver cc 2019\dreamweaver.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2019\dreamweaver.exe (Adobe Inc. -> Adobe Inc.)
    FirewallRules: [{23F1EDD2-3E78-4D3E-B2F0-B85ADB1DA770}] => (Block) C:\program files\adobe\adobe dreamweaver cc 2019\dreamweaver.exe (Adobe Inc. -> Adobe Inc.)
    FirewallRules: [{ABC47733-1C9C-46B6-AAEC-ABCBCB84F8B7}] => (Block) C:\program files\adobe\adobe dreamweaver cc 2019\dreamweaver.exe (Adobe Inc. -> Adobe Inc.)
    FirewallRules: [{6C4B49F7-8D88-4CF0-BFEB-2907180E960C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{D0D4308F-3650-4D3F-B1CA-62A812AC211A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{89AB685C-207A-4D8D-B9F5-40D50AFE8B78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
    FirewallRules: [{D00F1F50-C9A9-4DB7-81F9-B504F9967B12}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
    FirewallRules: [{C4BDE8E8-6E2D-4F3F-8B9C-325BCC17E2F6}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{5F2E7F88-978C-4777-8572-CD76FB780447}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

    ==================== Restore Points =========================

    25-04-2019 18:16:57 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (04/27/2019 07:11:00 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (04/26/2019 04:15:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program PhotoScreensaver.scr version 10.0.17134.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 45ac

    Start Time: 01d4fc7b40b17d4c

    Termination Time: 13

    Application Path: C:\Windows\System32\PhotoScreensaver.scr

    Report Id: ec8d864d-0271-4f85-8f33-c69007f41458

    Faulting package full name:

    Faulting package-relative application ID:

    Error: (04/26/2019 07:11:05 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (04/25/2019 11:12:02 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: Windows cannot access the file for one of the following reasons:
    there is a problem with the network connection, the disk that the file is stored on, or the storage
    drivers installed on this computer; or the disk is missing.
    Windows closed the program Google Chrome because of this error.

    Program: Google Chrome
    File:

    The error value is listed in the Additional Data section.
    User Action
    1. Open the file again.
    This situation might be a temporary problem that corrects itself when the program runs again.
    2.
    If the file still cannot be accessed and
    - It is on the network,
    your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
    3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
    4. If the problem persists, restore the file from a backup copy.
    5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
    further assistance.

    Additional Data
    Error value: 00000000
    Disk type: 0

    Error: (04/25/2019 11:12:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 73.0.3683.103, time stamp: 0x5ca43dd0
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000096
    Fault offset: 0x00007ffb06280024
    Faulting process id: 0x3538
    Faulting application start time: 0x01d4fbee89dbe9ba
    Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Faulting module path: unknown
    Report Id: a13293d3-75d3-4dda-8ce0-dde1acea4453
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (04/25/2019 10:57:01 PM) (Source: Application Error) (EventID: 1005) (User: )
    Description: Windows cannot access the file for one of the following reasons:
    there is a problem with the network connection, the disk that the file is stored on, or the storage
    drivers installed on this computer; or the disk is missing.
    Windows closed the program Google Chrome because of this error.

    Program: Google Chrome
    File:

    The error value is listed in the Additional Data section.
    User Action
    1. Open the file again.
    This situation might be a temporary problem that corrects itself when the program runs again.
    2.
    If the file still cannot be accessed and
    - It is on the network,
    your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
    3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
    4. If the problem persists, restore the file from a backup copy.
    5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
    further assistance.

    Additional Data
    Error value: 00000000
    Disk type: 0

    Error: (04/25/2019 10:57:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: chrome.exe, version: 73.0.3683.103, time stamp: 0x5ca43dd0
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000096
    Fault offset: 0x00007ffb06280024
    Faulting process id: 0x76c
    Faulting application start time: 0x01d4fbec6723551f
    Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Faulting module path: unknown
    Report Id: 3411aac0-4a8c-465f-92cb-1f2365530aa0
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (04/25/2019 05:40:44 PM) (Source: DbxSvc) (EventID: 281) (User: )
    Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.


    System errors:
    =============
    Error: (04/27/2019 04:10:51 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7MH20NA)
    Description: DCOM got error "2" attempting to start the service AvastSecureBrowserElevationService with arguments "Unavailable" in order to run the server:
    {620A093F-79D3-4CAB-8CAD-EB1A39A8C0A2}

    Error: (04/27/2019 04:10:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Avast Secure Browser Elevation Service service failed to start due to the following error:
    The system cannot find the file specified.

    Error: (04/27/2019 03:07:28 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7MH20NA)
    Description: DCOM got error "2" attempting to start the service AvastSecureBrowserElevationService with arguments "Unavailable" in order to run the server:
    {620A093F-79D3-4CAB-8CAD-EB1A39A8C0A2}

    Error: (04/27/2019 03:07:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Avast Secure Browser Elevation Service service failed to start due to the following error:
    The system cannot find the file specified.

    Error: (04/27/2019 02:11:04 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7MH20NA)
    Description: DCOM got error "2" attempting to start the service AvastSecureBrowserElevationService with arguments "Unavailable" in order to run the server:
    {620A093F-79D3-4CAB-8CAD-EB1A39A8C0A2}

    Error: (04/27/2019 02:11:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Avast Secure Browser Elevation Service service failed to start due to the following error:
    The system cannot find the file specified.

    Error: (04/27/2019 01:21:19 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7MH20NA)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user DESKTOP-7MH20NA\Anderson SID (S-1-5-21-117299934-2116951884-1989845370-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (04/27/2019 01:18:38 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7MH20NA)
    Description: DCOM got error "2" attempting to start the service AvastSecureBrowserElevationService with arguments "Unavailable" in order to run the server:
    {620A093F-79D3-4CAB-8CAD-EB1A39A8C0A2}


    CodeIntegrity:
    ===================================

    Date: 2019-03-29 12:06:47.970
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

    Date: 2019-02-20 08:18:46.870
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

    Date: 2019-02-12 19:21:16.231
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

    Date: 2019-02-09 22:05:44.559
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

    Date: 2019-02-05 20:03:40.662
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

    Date: 2019-01-28 19:18:56.388
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

    Date: 2019-01-27 19:19:28.258
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

    Date: 2019-01-26 16:58:33.453
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

    ==================== Memory info ===========================

    BIOS: AMI 8.05 08/13/2012
    Motherboard: PEGATRON CORPORATION 2AE4
    Processor: AMD E2-1800 APU with Radeon(tm) HD Graphics
    Percentage of memory in use: 44%
    Total physical RAM: 11854.37 MB
    Available physical RAM: 6563.46 MB
    Total Virtual: 13646.37 MB
    Available Virtual: 8637.52 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:930.19 GB) (Free:582.6 GB) NTFS
    Drive g: (TOSHIBA EXT) (Fixed) (Total:931.41 GB) (Free:905.16 GB) NTFS

    \\?\Volume{fa9cd85e-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
    \\?\Volume{fa9cd85e-0000-0000-0000-30abe8000000}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: D7DE19C2)
    Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

  8. #6
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,178
    Points
    1308

    Default

    I don't like this program
    Wise Care 365 5.2.3

    It runs a windows task all the time and does little to benefit the machine

    No Malware seen in the log just some left overs.

    Avast seems to have some problems, might want to uninstall it and reinstall It. May be interesting to see how computer runs without Avast before you go reinstalling it.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Open notepad (Start =>All Programs => Accessories => Notepad).
    Copy/Paste the contents of the code box below into Notepad.

    Code:
    start
    CloseProcesses:
    CreateRestorePoint:
    (AVG Netherlands B.V. -> ) C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
    C:\Program Files (x86)\AVG Web TuneUp
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [AdobeBridge] => [X]
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    Task: {EEA1FB7B-47CC-429F-8F64-35EDB1D5088E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    SearchScopes: HKU\S-1-5-21-117299934-2116951884-1989845370-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BE319FEB-6DEC-4236-9D1D-A71B616C06FA}&mid=6c953a8de64647cfba719d3bff70a205-803e381f556cfccec69a2dff7c5ae3ce1e16db0b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0717tb&pr=fr&d=2016-11-21 23:01:39&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
    CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-24]
    CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-29]
    CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-03-16]
    CustomCLSID: HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Anderson\AppData\Local\GoToMeeting\7716\G2MOutlookAddin64.dll => No File
    CMD: bitsadmin /reset /allusers
    CMD: ipconfig /flushdns
    Emptytemp:
    • Click Format and ensure Wordwrap is unchecked.
    • Save as Fixlist.txt to C:\Users\Anderson\Downloads (Must be in this location)
    • Run FRST/FRST64 and press the Fix button just once and wait.
    • If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
    • The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.


    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.
    Last edited by zep516; 04-28-2019 at 11:18 AM.

  9. #7
    Member skaterace's Avatar
    Join Date
    Dec 2003
    Posts
    73
    Points
    0

    Default

    So, all was going well. I was sitting playing on my phone and waiting for the scan to finish, when I got this notice from avast:
    Threat secured
    We've moved the threat FRST64.exe to your Virus Chest
    Threat name: IDP.Generic
    File path: C:\\USERS\Anderson\Downloads\FRST64.exe
    Process: C:\\Windows\System32\cmd.exe
    Detected by: Behavior Shield
    Status: Moved to Virus Chest

  10. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,178
    Points
    1308

    Default

    Hello,

    Some Anti virus programs think FRST64.EXE is malware Avast is one of them. Uninstall Avast, re-download farber recovery scan tool (FRST) and follow the rest of the instructions in post #6

  11. #9
    Member skaterace's Avatar
    Join Date
    Dec 2003
    Posts
    73
    Points
    0

    Default

    Fix result of Farbar Recovery Scan Tool (x64) Version: 28.04.2019
    Ran by Anderson (29-04-2019 14:36:23) Run:3
    Running from C:\Users\Anderson\Downloads
    Loaded Profiles: defaultuser0 & Anderson (Available Profiles: defaultuser0 & Anderson)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    start
    CloseProcesses:
    CreateRestorePoint:
    (AVG Netherlands B.V. -> ) C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
    C:\Program Files (x86)\AVG Web TuneUp
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [AdobeBridge] => [X]
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    Task: {EEA1FB7B-47CC-429F-8F64-35EDB1D5088E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    SearchScopes: HKU\S-1-5-21-117299934-2116951884-1989845370-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BE319FEB-6DEC-4236-9D1D-A71B616C06FA}&mid=6c953a8de64647cfba719d3bff70a205-803e381f556cfccec69a2dff7c5ae3ce1e16db0b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0717tb&pr=fr&d=2016-11-21 23:01:39&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
    CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-24]
    CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-29]
    CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-03-16]
    CustomCLSID: HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Anderson\AppData\Local\GoToMeeting\7716\G2MOutlookAddin64.dll => No File
    CMD: bitsadmin /reset /allusers
    CMD: ipconfig /flushdns
    Emptytemp:
    *****************

    Processes closed successfully.
    Restore point was successfully created.
    C:\Program Files (x86)\AVG Web TuneUp\vprot.exe => No running process found
    "C:\Program Files (x86)\AVG Web TuneUp" => not found
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
    "HKU\S-1-5-21-117299934-2116951884-1989845370-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => not found
    HKLM\SOFTWARE\Policies\Mozilla => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEA1FB7B-47CC-429F-8F64-35EDB1D5088E}" => not found
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
    HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
    CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-24] => Error: No automatic fix found for this entry.
    CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-29] => Error: No automatic fix found for this entry.
    CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-03-16] => Error: No automatic fix found for this entry.
    HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309} => not found

    ========= bitsadmin /reset /allusers =========


    BITSADMIN version 3.0
    BITS administration utility.
    (C) Copyright Microsoft Corp.

    Unable to cancel {DA90A048-196A-4177-9449-AD51C56A8C79}.
    Unable to cancel {A26F7679-8D6B-4E8B-AE03-4E845C05EA69}.
    0 out of 2 jobs canceled.

    ========= End of CMD: =========


    ========= ipconfig /flushdns =========


    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= End of CMD: =========


    =========== EmptyTemp: ==========

    BITS transfer queue => 10772480 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 20152888 B
    Java, Flash, Steam htmlcache => 1448 B
    Windows/system/drivers => 426869 B
    Edge => 9547 B
    Chrome => 1917873 B
    Firefox => 62200182 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 0 B
    systemprofile32 => 0 B
    LocalService => 7210 B
    LocalService => 0 B
    NetworkService => 7708 B
    NetworkService => 0 B
    defaultuser0 => 0 B
    Anderson => 109259016 B

    RecycleBin => 0 B
    EmptyTemp: => 195.3 MB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 14:39:50 ====

  12. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,178
    Points
    1308

    Default

    Next download AdwCleaner from Malwarebytes and run it.

    https://www.malwarebytes.com/adwcleaner/

Page 1 of 2 12 LastLast