Thread: Slow computer, is it malware?
- 04-26-2019 11:25 PM #1
Slow computer, is it malware?
My computer has slowed to a crawl, so much that it can barely type anymore. The detective told me to post my scan, so here you go. Any help would be greatly appreciated. If I knew you in real life, I would bring you warm bread.
SUPERAntiSpyware Scan Log
https://www.superantispyware.com
Generated 04/26/2019 at 08:42 PM
Application Version : 8.0.1038
Database Version : 15475
Scan type : Complete Scan
Total Scan Time : 02:33:09
Operating System Information
Windows 10 Home 64-bit (Build 10.00.17134)
UAC On - Limited User
Memory items scanned : 1260
Memory items detected : 0
Registry items scanned : 63126
Registry items detected : 0
File items scanned : 24356
File items detected : 499
Adware.Tracking Cookie
C:\Users\Anderson\AppData\Local\Microsoft\Windows\INetCookies\deprecated.cookieC:\Users\Anderson\AppData\Local\Microsoft\Windows\INetCookies\deprecated.cookie [ /cdnssl.clicktale.net ]
.btrll.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.eqads.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.intentiq.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
ads.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.nanigans.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
ads.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.gravity.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.krxd.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.marinsm.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.afy11.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adadvisor.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adap.tv [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adobe.demdex.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.voicefive.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adap.tv [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.scanscout.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.mletracker.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
api.content.ad [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
DealTime: Search, sort and save on great deals! [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adobe.demdex.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.turn.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.ib.mookie1.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
statsadv.dadapro.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.liverail.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.w55c.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.nexac.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.udmserve.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
tap2-cdn.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.openx.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.gwallet.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.gwallet.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.agkn.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.udmserve.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.scanscout.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.agkn.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-02 12-09-12AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.btrll.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.eqads.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.intentiq.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
ads.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.nanigans.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
ads.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.gravity.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.krxd.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.marinsm.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.outbrain.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.chango.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.tubemogul.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.fwmrm.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.afy11.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
srv.clickfuse.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adadvisor.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adap.tv [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adobe.demdex.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.voicefive.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adap.tv [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.scanscout.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.mletracker.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
api.content.ad [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
DealTime: Search, sort and save on great deals! [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adobe.demdex.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.turn.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.ib.mookie1.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
statsadv.dadapro.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.liverail.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.w55c.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.nexac.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.udmserve.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.spotxchange.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
tap2-cdn.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.openx.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.gwallet.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.gwallet.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.agkn.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.udmserve.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.scanscout.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.agkn.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2013-04-03 09-17-48AM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FEYZCB2.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9T9M5VG.DEFAULT\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9T9M5VG.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
.demdex.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
.tealiumiq.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
.demdex.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
.everesttech.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
.everesttech.net [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\CARBONITE RESTORED OLD USER SETTINGS\2016-11-17 02-20-07PM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RMXD1WK7.DEFAULT-1466028930116\COOKIES.SQLITE ]
.iasds01.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
partners.tremorhub.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
tag.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.ads.linkedin.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.connexity.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.iasds01.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.exelator.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
bttrack.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.xspadvertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.xspadvertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pubmatic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.tealiumiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.adsrvr.org [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.adsrvr.org [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.tapad.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.tapad.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.adsymptotic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.storygize.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.scorecardresearch.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
ads.stickyadstv.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.scorecardresearch.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.contextweb.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.app.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.assets.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.marketingengine.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.www.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.adsymptotic.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.app.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.assets.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.marketingengine.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.solocpm.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.truoptik.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.www.clickfunnels.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
dmp.truoptik.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.dsp.linksynergy.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.eyeviewads.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crwdcntrl.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crwdcntrl.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crwdcntrl.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crwdcntrl.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.krxd.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.sitescout.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.xspadvertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.agkn.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.agkn.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.spotxchange.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
pixel.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.acuityplatform.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.bluekai.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.clickagy.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
aorta.clickagy.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
trackcmp.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.outbrain.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.mediawallahscript.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.ad-stir.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.media.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.media.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.demdex.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.demdex.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pippio.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pippio.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.dpm.demdex.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.dotomi.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.dyntrk.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.everesttech.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.everesttech.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.everesttech.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.extend.tv [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.owneriq.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.adhigh.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.openx.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.ib.mookie1.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.ib.mookie1.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.yieldlab.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.intentiq.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
io.narrative.io [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.liadm.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.lijit.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
in.xspadvertising.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.mediawallahscript.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.eyeota.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.w55c.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.w55c.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.ldschurch.tt.omtrdc.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.ldschurch.tt.omtrdc.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.thrtle.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.mathtag.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.mxptint.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.addthis.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pippio.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.outbrain.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.addthis.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.owneriq.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.mediawallahscript.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.contextweb.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.ml314.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.powerlinks.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.ads.yieldmo.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pippio.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rlcdn.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rlcdn.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.linksynergy.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.pixel.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rfihub.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rkdms.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rkdms.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.owneriq.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.sitescout.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.postrelease.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
px.powerlinks.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.taboola.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.taboola.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.3lift.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
dmp.truoptik.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
dmp.truoptik.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.ml314.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.teads.tv [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.360yield.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.mfadsrvr.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.360yield.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.mfadsrvr.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.agkn.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.ml314.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.exelator.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.ad-stir.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.addthis.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.simpli.fi [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.turn.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
ads.stickyadstv.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.360yield.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.360yield.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.adscale.de [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.crsspxl.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.mathtag.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
ads.avocet.io [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.adnxs.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.mathtag.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.contextweb.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.rubiconproject.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.postrelease.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.media.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.weborama.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.contextweb.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.w55c.net [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.weborama.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.yieldmo.com [ C:\USERS\ANDERSON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZOK1QYFH.DEFAULT-1554330347783\COOKIES.SQLITE ]
.webstats4u.com [ C:\USERS\TOTO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W0PDYD4L.DEFAULT\COOKIES.SQLITE ]
.webstats4u.com [ C:\USERS\TOTO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W0PDYD4L.DEFAULT\COOKIES.SQLITE ]
.webstats4u.com [ C:\USERS\TOTO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W0PDYD4L.DEFAULT\COOKIES.SQLITE ]
.cdn.ad4game.com [ C:\USERS\TOTO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W0PDYD4L.DEFAULT\COOKIES.SQLITE ]
.cdn.ad4game.com [ C:\USERS\TOTO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W0PDYD4L.DEFAULT\COOKIES.SQLITE ]
============
End of Log
============
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 4/26/19
Scan Time: 2:10 AM
Log File: d0d8bb21-67fa-11e9-baa0-4c72b9944bf6.json
-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.563
Update Package Version: 1.0.10350
License: Trial
-System Information-
OS: Windows 10 (Build 17134.706)
CPU: x64
File System: NTFS
User: System
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 390601
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 56 min, 7 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:30:21 PM, on 4/25/2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\Users\Anderson\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Shrink Pic\shrink_pic.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\71.4.108\QtWebEngineProcess.exe
C:\Users\Anderson\Downloads\HijackThis.exe
C:\Users\Anderson\Downloads\HijackThis.exe
C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe /shownag /nagdelay:180
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Anderson\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [AvastBrowserAutoLaunch_BD664B812C97C9481AD0FF71925D28C6] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" --restore-last-session
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_32ATI1FE.EXE /EPT "EPLTarget\P0000000000000001" /M "SC-P800 Series"
O4 - Startup: Shrink Pic.lnk = C:\Program Files (x86)\Shrink Pic\shrink_pic.exe
O4 - Global Startup: Avast Cleanup Premium.lnk = C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: %1!s! Update Service (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: %1!s! Update Service (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - Unknown owner - C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1258.86\elevation_service.exe (file missing)
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: Avast Cleanup Premium (CleanupPSvc) - AVAST Software - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: RipCoreBP - Unknown owner - C:\Program Files (x86)\Fawkes Engineering\AccuRIP\RipCore.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.3.8 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 15850 bytes
- 04-27-2019 11:33 AM #2
Hi! My name is zep516 and Welcome to Help2go
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!
What Anti virus are you using? I see Avast and some Avg files too.
If you're running Avast then please download the AVG Removal tool in link below (Save the file to the desktop) and run it.
AVG Removal tool---> https://www.bleepingcomputer.com/download/avg-remover/
Then
Everything gets download to the desktop and tools are "Run as administrator."
Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please copy and paste log back here.
- The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Last edited by zep516; 04-27-2019 at 12:22 PM.
-
The Following User Says Thank You to zep516 For This Useful Post:
- 04-27-2019 02:06 PM #3
Tell me about the avg removal tool. I don't actually have AVG antivirus installed, it's just an AVG web tune-up app. I ran the AVG removal tool, anyway, but it tells me to restart my computer every time. After the restart, nothing happens. So I run it again, and the same thing happens again. I feel like I'm not accomplishing anything. Is this step necessary? What am I doing wrong?
- 04-27-2019 03:07 PM #4
Hopefully its removed the AVG tune up files, these so called tune up programs are not very good an cause more problems then that claim to fix. Please follow the rest of the instruction and post the 2 logs from Farber Recovery scan so I can check for possible malware. High jack this simply does not tell us enough.
Thanks
zep
-
The Following User Says Thank You to zep516 For This Useful Post:
- 04-27-2019 06:30 PM #5
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.04.2019
Ran by Anderson (administrator) on DESKTOP-7MH20NA (Hewlett-Packard p2-1317c) (27-04-2019 15:19:34)
Running from C:\Users\Anderson\Downloads
Loaded Profiles: Anderson (Available Profiles: defaultuser0 & Anderson)
Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Shrink Pic\shrink_pic.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVG Netherlands B.V. -> ) C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Carbonite -> Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Carbonite -> Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\71.4.108\QtWebEngineProcess.exe
(Fawkes Engineering, Inc. -> ) C:\Program Files (x86)\Fawkes Engineering\AccuRIP\RipCore.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Lespeed Technology Ltd. -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
(Lespeed Technology Ltd. -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Anderson\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\setuphost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\6792e3c57b795d36fe6f5779079a908a\WindowsUpdateBox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_32ATI1FE.EXE
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-03-24] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2195968 2018-05-15] (AVG Netherlands B.V. -> )
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5537088 2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1278056 2019-02-08] (Carbonite -> Carbonite, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-10-01] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198512 2019-04-25] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46506040 2019-04-09] (Google LLC -> )
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_32ATI1FE.EXE [303312 2016-04-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [570368 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [280864 2007-02-03] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [MSVideo] => C:\WINDOWS\system32\vfwwdm32.dll [67072 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [264992 2007-02-03] (Logitech Inc -> Logitech Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1258.86\Installer\chrmstp.exe [2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-12-24]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shrink Pic.lnk [2018-11-26]
ShortcutTarget: Shrink Pic.lnk -> C:\Program Files (x86)\Shrink Pic\shrink_pic.exe () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01FCB836-0FDA-49A2-9C63-8D524E5ECC78} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1955440 2019-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {1766FAF5-AFB9-4EAA-B5E4-3E5FD566757A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-10] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1F9F83A4-6FB0-4744-8938-491EA30BB907} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1955440 2019-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {25F68F66-2384-4AFD-AF23-9033217621FF} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {2D117640-E8A7-453C-B066-7C8A61C76C0E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {2F47E01F-05C8-4456-8956-94FA257B23BB} - System32\Tasks\G2MUploadTask-S-1-5-21-117299934-2116951884-1989845370-1001 => C:\Users\Anderson\AppData\Local\GoToMeeting\12814\g2mupload.exe [29768 2019-04-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {32A0E9A4-614D-4452-BD62-DA874571D115} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25906688 2019-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {3AB51AF8-5B74-46B0-B95D-C1C0473F672B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2018-10-22] (Apple Inc. -> Apple Inc.)
Task: {3CA01DD2-C3FE-4C16-9DAE-3897CD828CF2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [758600 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {43BB3E4E-019D-46C6-A731-BFFB0D4CBFCE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {46C614F1-A2E8-44F2-93A8-D1A9B1324469} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-17] (Google Inc -> Google Inc.)
Task: {535296CE-9442-4A0B-A494-BAB119D66E99} - System32\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [3976872 2018-12-07] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {6356ACB8-9969-47B1-ADA9-57F9F5CD0E73} - System32\Tasks\G2MUpdateTask-S-1-5-21-117299934-2116951884-1989845370-1001 => C:\Users\Anderson\AppData\Local\GoToMeeting\12814\g2mupdate.exe [29768 2019-04-26] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {664EDBFD-2EC4-4D53-ABD9-6FFB9F866FE3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112160 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {7527416D-7173-4A39-9A41-72DD5DE88F77} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-10] (Dropbox, Inc -> Dropbox, Inc.)
Task: {78030924-5F43-46D7-8C55-63C582EE378C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe Inc. -> Adobe)
Task: {84226196-4E6E-4F85-8FD6-265A2EA9F2B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4407136 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {895F6A6F-B27E-4179-9364-132B025F2593} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {8A99ACD9-C57F-4DD2-88EF-9ABC40013A67} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
Task: {8D398E8A-3EA9-4BB6-AF4E-9953F4E002A3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112160 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {8DB7FFEF-3810-4ED6-84BE-D70FD39F62D5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-09] (Adobe Inc. -> Adobe)
Task: {9DC7A9C7-B1E5-4D01-8802-A26E7617AA05} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-stefanierase@msn.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {9E3C930B-20D4-41CD-BA7F-A10DE2A71D68} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-16] (AVAST Software s.r.o. -> AVAST Software)
Task: {9ECA0FB5-0F4D-4D88-9D1F-1E51FBA078CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4407136 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {A533946B-ECA7-448F-B5C8-E5BF86C7EF4A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-16] (AVAST Software s.r.o. -> AVAST Software)
Task: {A5C9FB84-3F46-43FE-AB39-B86AAB737709} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432200 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {A85DD8D0-747C-4BDD-9449-3F8CF8196787} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-stefanierase@msn.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {AD054E77-8553-4DDD-A8C7-CD724C8B3D52} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-04-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AE714B22-3DA4-46C9-9E5E-756F3371FC9F} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe [11106984 2018-12-28] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {CE6A3779-1066-4E3D-A03E-7CE637E0A726} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25906688 2019-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {CEB59A07-C9D4-4A56-8063-3A437113850E} - System32\Tasks\EPSON SC-P800 Series Update {9AFB6BBE-2199-4C1C-ACD5-97579F84012E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_32TS01FA.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {DD8385DD-5D17-4490-81DD-93C78EDD31A1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432200 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC8A0BC5-5911-42BE-B497-D1CDA166594F} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => Powershell -noexit -command "&{$carbProgramDataPath = $env:ProgramData + '\Carbonite\Carbonite Backup\';$upgradeExe = 'CarboniteUpgrade.exe';$upgradeFullPath = $carbProgramDataPath + $upgradeExe;$logFile = 'CarboniteUpgrade.log';$logFileFullPath = $carbProgramDataPath + $logFile;$psversion = [string]$psversio (the data entry has 1818 more characters).
Task: {EEA1FB7B-47CC-429F-8F64-35EDB1D5088E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EF96BFC8-57D7-42DD-8BDD-4CD1CE9E83AE} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-7MH20NA-Anderson => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F397BF32-9101-441B-A515-561A9639AAC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-17] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON SC-P800 Series Update {9AFB6BBE-2199-4C1C-ACD5-97579F84012E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_32TS01FA.EXE:/EXE:{9AFB6BBE-2199-4C1C-ACD5-97579F84012E} /F:UpdateWORKGROUP\DESKTOP-7MH20NA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-117299934-2116951884-1989845370-1001.job => C:\Users\Anderson\AppData\Local\GoToMeeting\12814\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-117299934-2116951884-1989845370-1001.job => C:\Users\Anderson\AppData\Local\GoToMeeting\12814\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78774060-ed72-4b8f-9ad1-a2a4c1a74d6f}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
SearchScopes: HKU\S-1-5-21-117299934-2116951884-1989845370-1001 -> DefaultScope {88BB9F0E-D6FC-494D-BBC5-91A6BE1ECE3E} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-117299934-2116951884-1989845370-1001 -> {88BB9F0E-D6FC-494D-BBC5-91A6BE1ECE3E} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-117299934-2116951884-1989845370-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BE319FEB-6DEC-4236-9D1D-A71B616C06FA}&mid=6c953a8de64647cfba719d3bff70a205-803e381f556cfccec69a2dff7c5ae3ce1e16db0b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0717tb&pr=fr&d=2016-11-21 23:01:39&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: zok1qyfh.default-1554330347783
FF ProfilePath: C:\Users\Anderson\AppData\Roaming\Mozilla\Firefox\Profiles\zok1qyfh.default-1554330347783 [2019-04-27]
FF Homepage: Mozilla\Firefox\Profiles\zok1qyfh.default-1554330347783 -> hxxps://www.lds.org/?lang=eng
FF Extension: (Avast Online Security) - C:\Users\Anderson\AppData\Roaming\Mozilla\Firefox\Profiles\zok1qyfh.default-1554330347783\Extensions\wrc@avast.com.xpi [2019-04-18] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-117299934-2116951884-1989845370-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Anderson\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-01-03] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 51
CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Default [2019-04-27]
CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-01-04]
CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-01-04]
CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20 [2019-01-04]
CHR Extension: (Google Slides) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-24]
CHR Extension: (DocHub - Edit and Sign PDF Documents) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\adgncicbhbjfpijkdmbijninnhnmiblj [2017-08-24]
CHR Extension: (Google Docs) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-24]
CHR Extension: (Google Drive) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-24]
CHR Extension: (YouTube) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-24]
CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-24]
CHR Extension: (Imagine Learning) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\cmeclblmdmffdgpdlifgepjddoplmmal [2017-08-24]
CHR Extension: (Avast SafePrice) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-08-24]
CHR Extension: (Google Sheets) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-24]
CHR Extension: (Google Docs Offline) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-24]
CHR Extension: (Avast Online Security) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-24]
CHR Extension: (Camera) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\hfhhnacclhffhdffklopdkcgdhifgngh [2017-08-24]
CHR Extension: (iReady) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\hlibmedjdjgnlnnlmjanmlgdegeldimh [2017-08-24]
CHR Extension: (Google Forms) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2017-08-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (PDF Viewer) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2017-08-24]
CHR Extension: (Gmail) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-24]
CHR Extension: (Chrome Media Router) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-24]
CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25 [2019-01-04]
CHR Extension: (YouTube) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-29]
CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-29]
CHR Extension: (Avast SafePrice) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-08-29]
CHR Extension: (Google Sheets) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-29]
CHR Extension: (Google Docs Offline) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-29]
CHR Extension: (Avast Online Security) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-29]
CHR Extension: (Gmail) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-29]
CHR Extension: (Chrome Media Router) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-29]
CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 4 [2019-01-04]
CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 5 [2019-01-04]
CHR Extension: (PDF Viewer) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2017-03-16]
CHR Extension: (Chrome Media Router) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-08]
CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 51 [2019-04-25]
CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6 [2019-01-04]
CHR Extension: (Google Docs) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-03]
CHR Extension: (Google Drive) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-16]
CHR Extension: (YouTube) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-16]
CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-03-16]
CHR Extension: (Imagine Learning) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cmeclblmdmffdgpdlifgepjddoplmmal [2017-03-16]
CHR Extension: (Google Sheets) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-16]
CHR Extension: (Google Docs Offline) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-16]
CHR Extension: (Camera) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\hfhhnacclhffhdffklopdkcgdhifgngh [2017-03-16]
CHR Extension: (iReady) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\hlibmedjdjgnlnnlmjanmlgdegeldimh [2017-03-16]
CHR Extension: (Google Forms) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2017-03-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-16]
CHR Extension: (PDF Viewer) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2017-03-16]
CHR Extension: (Gmail) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-16]
CHR Extension: (Chrome Media Router) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-16]
CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 7 [2019-01-04]
CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 8 [2019-01-04]
CHR Profile: C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\System Profile [2019-04-25]
CHR HKU\S-1-5-21-117299934-2116951884-1989845370-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Anderson\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-11-25]
CHR HKU\S-1-5-21-117299934-2116951884-1989845370-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-10-21] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-16] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-16] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10227280 2019-04-18] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11084584 2019-04-19] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-10] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-10] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
R2 RipCoreBP; C:\Program Files (x86)\Fawkes Engineering\AccuRIP\RipCore.exe [2141088 2018-12-10] (Fawkes Engineering, Inc. -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-08-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [658600 2018-12-06] (Lespeed Technology Ltd. -> WiseCleaner.com)
S3 AvastSecureBrowserElevationService; "C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1258.86\elevation_service.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-18] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
R3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [43944 2013-06-04] (BoiseTest -> Microsoft Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2018-04-11] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-04-25] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-04-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-04-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-04-27] (Malwarebytes Corporation -> Malwarebytes)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-27 15:19 - 2019-04-27 15:31 - 000046984 _____ C:\Users\Anderson\Downloads\FRST.txt
2019-04-27 15:18 - 2019-04-27 15:19 - 000000000 ____D C:\FRST
2019-04-27 15:16 - 2019-04-27 15:17 - 002430464 _____ (Farbar) C:\Users\Anderson\Downloads\FRST64.exe
2019-04-27 15:11 - 2019-04-27 15:11 - 001788928 _____ (Farbar) C:\Users\Anderson\Downloads\FRST.exe
2019-04-27 12:59 - 2019-04-27 12:59 - 000000000 ___HD C:\OneDriveTemp
2019-04-27 12:54 - 2019-04-27 12:54 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-04-27 12:53 - 2019-04-27 12:53 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-27 12:53 - 2019-04-27 12:53 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-04-27 12:53 - 2019-04-27 12:53 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-04-27 11:58 - 2019-04-27 12:51 - 000000543 _____ C:\cleanup.bat
2019-04-27 11:56 - 2019-04-27 12:49 - 000000000 ____D C:\AVG_Remover
2019-04-27 11:55 - 2019-04-27 11:55 - 007986864 _____ ( ) C:\Users\Anderson\Downloads\AVG_Remover.exe
2019-04-26 21:03 - 2019-04-26 21:03 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-04-26 21:03 - 2019-04-26 21:03 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-04-26 21:03 - 2019-04-26 21:03 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-04-26 21:03 - 2019-04-26 21:03 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-04-26 21:03 - 2019-04-26 21:03 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-04-26 21:03 - 2019-04-26 21:03 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-04-26 21:03 - 2019-04-26 21:03 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-04-26 21:03 - 2019-04-26 21:03 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-04-26 21:03 - 2019-04-26 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-04-26 18:26 - 2019-04-26 18:26 - 000001220 _____ C:\Users\Anderson\Desktop\Malware scan.txt
2019-04-25 21:27 - 2019-04-25 21:27 - 000388608 _____ (Trend Micro Inc.) C:\Users\Anderson\Downloads\HijackThis.exe
2019-04-25 17:40 - 2019-04-25 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-04-25 11:27 - 2019-04-25 11:27 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-04-25 11:27 - 2019-04-25 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-04-25 11:27 - 2019-04-25 11:27 - 000000000 ____D C:\Program Files\iPod
2019-04-25 11:14 - 2019-04-25 11:27 - 000000000 ____D C:\Program Files\iTunes
2019-04-25 09:24 - 2019-04-25 09:24 - 000000000 ____D C:\Users\Anderson\AppData\Local\mbamtray
2019-04-25 09:23 - 2019-04-25 09:23 - 000000000 ____D C:\Users\Anderson\AppData\Local\mbam
2019-04-25 09:21 - 2019-04-25 09:21 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-04-24 15:10 - 2019-04-24 15:10 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-24 15:10 - 2019-04-24 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-24 15:10 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-24 15:10 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-24 15:08 - 2019-04-24 15:09 - 062879864 _____ (Malwarebytes ) C:\Users\Anderson\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.10310.exe
2019-04-23 06:13 - 2019-04-23 06:13 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-04-23 06:13 - 2019-04-23 06:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-04-23 06:13 - 2019-04-23 06:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-04-23 06:13 - 2019-04-23 06:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-04-20 16:27 - 2019-04-20 16:27 - 000628067 _____ C:\Users\Anderson\Downloads\House.skp
2019-04-20 11:15 - 2019-02-12 23:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-04-16 17:13 - 2019-04-16 17:12 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-04-15 23:09 - 2019-04-15 23:09 - 000027216 _____ C:\Users\Anderson\Downloads\serpentine-bold.otf
2019-04-13 08:42 - 2019-04-18 08:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-12 12:35 - 2019-04-16 17:14 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-11 17:03 - 2019-04-11 17:03 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-04-11 17:03 - 2019-04-11 17:03 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-04-09 20:20 - 2019-04-02 02:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-09 20:20 - 2019-04-02 02:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-09 20:20 - 2019-04-02 02:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-09 20:20 - 2019-04-02 01:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-09 20:20 - 2019-04-01 23:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-09 20:20 - 2019-04-01 22:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-09 20:20 - 2019-04-01 22:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-09 20:20 - 2019-03-14 02:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-09 20:19 - 2019-04-02 06:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-09 20:19 - 2019-04-02 06:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-09 20:19 - 2019-04-02 06:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-09 20:19 - 2019-04-02 06:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-09 20:19 - 2019-04-02 06:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-09 20:19 - 2019-04-02 06:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-09 20:19 - 2019-04-02 06:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-09 20:19 - 2019-04-02 06:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-09 20:19 - 2019-04-02 06:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-09 20:19 - 2019-04-02 06:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-09 20:19 - 2019-04-02 06:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-09 20:19 - 2019-04-02 06:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-09 20:19 - 2019-04-02 06:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-09 20:19 - 2019-04-02 06:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-09 20:19 - 2019-04-02 06:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-09 20:19 - 2019-04-02 06:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-09 20:19 - 2019-04-02 03:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-09 20:19 - 2019-04-02 03:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-09 20:19 - 2019-04-02 03:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-09 20:19 - 2019-04-02 03:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-09 20:19 - 2019-04-02 03:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-09 20:19 - 2019-04-02 03:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-09 20:19 - 2019-04-02 03:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-09 20:19 - 2019-04-02 03:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-09 20:19 - 2019-04-02 03:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-09 20:19 - 2019-04-02 02:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-09 20:19 - 2019-04-02 02:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-09 20:19 - 2019-04-02 02:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-09 20:19 - 2019-04-02 02:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-09 20:19 - 2019-04-02 02:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-09 20:19 - 2019-04-02 02:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-09 20:19 - 2019-04-02 02:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-09 20:19 - 2019-04-02 02:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-09 20:19 - 2019-04-02 02:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-09 20:19 - 2019-04-02 02:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-09 20:19 - 2019-04-02 02:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-09 20:19 - 2019-04-02 02:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-09 20:19 - 2019-04-02 02:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-09 20:19 - 2019-04-02 02:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-09 20:19 - 2019-04-02 01:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-09 20:19 - 2019-04-02 01:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-09 20:19 - 2019-04-02 01:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-09 20:19 - 2019-04-02 01:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-09 20:19 - 2019-04-02 01:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-09 20:19 - 2019-04-02 01:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-09 20:19 - 2019-04-02 01:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-09 20:19 - 2019-04-02 01:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-09 20:19 - 2019-04-02 01:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-09 20:19 - 2019-04-02 01:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-09 20:19 - 2019-04-02 01:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-09 20:19 - 2019-04-02 01:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-09 20:19 - 2019-04-02 01:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-09 20:19 - 2019-04-02 01:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-09 20:19 - 2019-04-02 01:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-09 20:19 - 2019-04-02 01:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-09 20:19 - 2019-04-02 01:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-09 20:19 - 2019-04-02 00:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-09 20:19 - 2019-04-01 23:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-09 20:19 - 2019-04-01 23:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-09 20:19 - 2019-04-01 23:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-09 20:19 - 2019-04-01 23:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-09 20:19 - 2019-04-01 22:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-09 20:19 - 2019-04-01 22:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-09 20:19 - 2019-04-01 22:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-09 20:19 - 2019-04-01 22:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-09 20:19 - 2019-04-01 22:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-09 20:19 - 2019-04-01 22:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-09 20:19 - 2019-04-01 22:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-09 20:19 - 2019-04-01 22:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-09 20:19 - 2019-04-01 22:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-09 20:19 - 2019-03-16 06:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-09 20:19 - 2019-03-16 03:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-09 20:19 - 2019-03-14 08:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-09 20:19 - 2019-03-14 08:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-09 20:19 - 2019-03-14 08:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-09 20:19 - 2019-03-14 08:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-09 20:19 - 2019-03-14 08:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-09 20:19 - 2019-03-14 08:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-09 20:19 - 2019-03-14 08:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-09 20:19 - 2019-03-14 08:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-09 20:19 - 2019-03-14 08:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-09 20:19 - 2019-03-14 08:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-09 20:19 - 2019-03-14 08:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-09 20:19 - 2019-03-14 08:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-09 20:19 - 2019-03-14 08:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-09 20:19 - 2019-03-14 07:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-09 20:19 - 2019-03-14 07:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-09 20:19 - 2019-03-14 07:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-09 20:19 - 2019-03-14 07:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-09 20:19 - 2019-03-14 07:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-09 20:19 - 2019-03-14 07:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-09 20:19 - 2019-03-14 02:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-09 20:19 - 2019-03-14 02:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-09 20:19 - 2019-03-14 02:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-09 20:19 - 2019-03-14 02:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-09 20:19 - 2019-03-14 02:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-09 20:19 - 2019-03-14 02:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-09 20:19 - 2019-03-14 02:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-09 20:19 - 2019-03-14 02:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-09 20:19 - 2019-03-14 02:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-09 20:19 - 2019-03-14 02:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-09 20:19 - 2019-03-14 02:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-09 20:19 - 2019-03-14 02:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-09 20:19 - 2019-03-14 02:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-09 20:19 - 2019-03-14 02:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-09 20:19 - 2019-03-14 02:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-09 20:19 - 2019-03-14 02:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-09 20:19 - 2019-03-14 02:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-09 20:19 - 2019-03-14 02:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-09 20:19 - 2019-03-14 02:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-09 20:19 - 2019-03-14 02:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-09 20:19 - 2019-03-14 02:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-09 20:19 - 2019-03-14 02:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-09 20:19 - 2019-03-14 02:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-09 20:19 - 2019-03-14 02:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-09 20:19 - 2019-03-14 02:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-09 20:19 - 2019-03-14 02:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-09 20:19 - 2019-03-14 02:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-09 20:19 - 2019-03-14 02:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-09 20:19 - 2019-03-14 02:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-09 20:19 - 2019-03-14 02:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-09 20:19 - 2019-03-14 02:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-09 20:19 - 2019-03-14 02:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-09 20:19 - 2019-03-14 02:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-09 20:19 - 2019-03-14 02:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-09 20:19 - 2019-03-14 02:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-09 20:19 - 2019-03-14 02:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-09 20:19 - 2019-03-14 02:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-09 20:19 - 2019-03-14 02:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-09 20:19 - 2019-03-14 02:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-09 20:19 - 2019-03-14 02:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-09 20:19 - 2019-03-14 02:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-09 20:19 - 2019-03-14 02:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-09 20:19 - 2019-03-14 02:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-09 20:19 - 2019-03-14 02:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-09 20:19 - 2019-03-14 02:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-09 20:19 - 2019-03-14 02:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-09 20:19 - 2019-03-14 02:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-09 20:19 - 2019-03-14 02:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-09 20:19 - 2019-03-14 02:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-09 20:19 - 2019-03-14 02:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-09 20:19 - 2019-03-14 01:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-09 20:19 - 2019-03-14 01:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-09 20:19 - 2019-03-14 01:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-09 20:19 - 2019-03-14 01:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-09 20:19 - 2019-03-14 01:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-09 20:19 - 2019-03-14 01:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-09 20:19 - 2019-03-14 01:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-09 20:19 - 2019-03-14 01:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-09 20:19 - 2019-03-14 01:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-09 20:19 - 2019-03-14 01:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-09 20:19 - 2019-03-14 01:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-09 20:19 - 2019-03-14 01:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-09 20:19 - 2019-03-14 01:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-09 20:19 - 2019-03-14 01:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-09 20:19 - 2019-03-14 01:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-09 20:19 - 2019-03-14 01:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-09 20:19 - 2019-03-14 01:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-09 20:19 - 2019-03-14 01:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-09 20:19 - 2019-03-14 01:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-09 20:19 - 2019-03-14 01:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-09 20:19 - 2019-03-14 01:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-09 20:19 - 2019-03-14 01:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-09 20:19 - 2019-03-14 01:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-09 20:19 - 2019-03-14 01:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-09 20:19 - 2019-03-14 01:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-09 20:19 - 2019-03-14 01:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-09 20:19 - 2019-03-14 01:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-09 20:19 - 2019-03-14 01:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-09 20:19 - 2019-03-14 01:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-09 20:19 - 2019-03-14 01:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-09 20:19 - 2019-03-14 01:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-09 20:19 - 2019-03-14 01:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-09 20:19 - 2019-03-14 01:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-09 20:19 - 2019-03-14 01:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-09 20:19 - 2019-03-14 01:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-09 20:19 - 2019-03-14 01:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-09 20:19 - 2019-03-14 01:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-09 20:19 - 2019-03-14 01:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-09 20:19 - 2019-03-14 01:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-09 20:19 - 2019-03-14 01:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-09 20:19 - 2019-03-14 01:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-09 20:19 - 2019-03-14 01:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-09 20:19 - 2019-03-14 01:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-09 20:19 - 2019-03-14 01:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-09 20:19 - 2019-03-14 01:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-09 20:19 - 2019-03-14 01:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-09 20:19 - 2019-03-14 01:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-09 20:19 - 2019-03-14 01:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-09 20:19 - 2019-03-14 01:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-09 20:19 - 2019-03-14 01:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-09 20:19 - 2019-03-14 01:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-09 20:19 - 2019-03-13 19:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-09 20:19 - 2019-03-13 19:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-09 20:19 - 2019-03-13 19:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-09 20:19 - 2019-03-13 19:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-09 20:19 - 2019-03-13 19:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-09 19:22 - 2019-04-09 19:22 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC 2019.lnk
2019-04-03 19:39 - 2019-04-03 19:39 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2019.lnk
2019-04-03 19:16 - 2019-04-18 08:35 - 000536752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-03 16:46 - 2019-04-03 16:46 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2019.lnk
2019-04-03 16:13 - 2019-04-03 16:13 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver 2019.lnk
2019-04-02 08:55 - 2019-04-02 08:55 - 000000000 ____D C:\Users\Anderson\Downloads\Charlemagne Std Bold
2019-04-02 08:54 - 2019-04-02 08:54 - 000041234 _____ C:\Users\Anderson\Downloads\Charlemagne Std Bold.zip
2019-03-31 16:00 - 2019-03-31 16:00 - 000002205 _____ C:\Users\Public\Desktop\Carbonite.lnk
2019-03-31 16:00 - 2019-03-31 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2019-03-29 12:51 - 2019-03-29 12:52 - 000671175 _____ C:\Users\Anderson\Downloads\Compare.products.3985_AquaticBlue.1559_LightBlue.625_IndigoBlue.4814_DeepRoyal.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-27 15:41 - 2018-04-11 17:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-27 15:21 - 2016-11-17 15:05 - 000000000 ____D C:\Users\Anderson\AppData\LocalLow\Mozilla
2019-04-27 14:59 - 2018-06-10 18:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-27 14:28 - 2018-09-15 03:43 - 000000000 ___HD C:\$WINDOWS.~BT
2019-04-27 13:01 - 2016-11-19 10:42 - 000000000 ___RD C:\Users\Anderson\Creative Cloud Files
2019-04-27 13:01 - 2016-11-19 09:39 - 000000000 ____D C:\Users\Anderson\AppData\Local\Adobe
2019-04-27 12:59 - 2016-11-23 21:36 - 000000000 ___RD C:\Users\Anderson\iCloudDrive
2019-04-27 12:59 - 2016-11-16 16:23 - 000000000 ___RD C:\Users\Anderson\OneDrive
2019-04-27 12:57 - 2019-01-04 16:30 - 000000000 ____D C:\Users\Anderson\AppData\Roaming\Wise Care 365
2019-04-27 12:53 - 2018-06-10 18:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-27 12:52 - 2018-04-11 15:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-04-27 12:29 - 2018-11-29 19:48 - 000000000 ___HD C:\Users\Anderson\Desktop\.tmp.drivedownload
2019-04-27 12:20 - 2018-06-10 18:58 - 000004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{493FC8D2-69E7-40AB-95DA-49319A6166A1}
2019-04-27 12:05 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-27 12:01 - 2017-10-17 09:01 - 000000684 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-117299934-2116951884-1989845370-1001.job
2019-04-27 12:01 - 2017-10-17 09:01 - 000000588 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-117299934-2116951884-1989845370-1001.job
2019-04-27 11:47 - 2018-06-04 21:45 - 000000000 ___DC C:\WINDOWS\Panther
2019-04-26 23:37 - 2018-06-10 18:58 - 000003858 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-117299934-2116951884-1989845370-1001
2019-04-26 23:37 - 2018-06-10 18:58 - 000003762 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-117299934-2116951884-1989845370-1001
2019-04-26 23:37 - 2017-10-17 09:01 - 000000000 ____D C:\Users\Anderson\AppData\Local\GoToMeeting
2019-04-26 20:59 - 2018-02-15 20:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-04-26 20:54 - 2018-04-11 17:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-25 23:22 - 2017-02-12 21:57 - 000000000 ____D C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2019-04-25 23:12 - 2018-06-23 14:45 - 000000000 ____D C:\Users\Anderson\AppData\Local\CrashDumps
2019-04-25 22:12 - 2018-06-10 18:21 - 000000000 ____D C:\Users\defaultuser0
2019-04-25 22:11 - 2018-06-10 18:21 - 000000000 ____D C:\Users\Anderson
2019-04-25 21:34 - 2017-07-18 11:57 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-04-25 21:28 - 2016-11-16 16:19 - 000000000 ____D C:\Users\Anderson\AppData\Local\VirtualStore
2019-04-25 17:41 - 2017-01-10 15:11 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-04-24 21:59 - 2019-01-08 18:05 - 000000000 ____D C:\Users\Anderson\Desktop\Emily
2019-04-24 21:48 - 2017-12-21 23:52 - 000000000 ____D C:\Users\Anderson\AppData\Local\Packages
2019-04-24 15:10 - 2018-04-11 17:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-23 21:16 - 2018-12-26 22:13 - 000463408 _____ C:\WINDOWS\SysWOW64\postscript.ps
2019-04-20 17:36 - 2018-12-26 20:16 - 000000955 _____ C:\WINDOWS\Tasks\EPSON SC-P800 Series Update {9AFB6BBE-2199-4C1C-ACD5-97579F84012E}.job
2019-04-20 17:36 - 2017-01-10 15:11 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-04-20 17:36 - 2017-01-10 15:11 - 000000940 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-04-20 16:41 - 2019-01-24 21:12 - 000003590 _____ C:\WINDOWS\System32\Tasks\Wise Care 365 PC Checkup Task
2019-04-20 16:41 - 2019-01-04 17:03 - 000003066 _____ C:\WINDOWS\System32\Tasks\Wise Care 365.job
2019-04-20 16:41 - 2018-12-26 20:16 - 000003508 _____ C:\WINDOWS\System32\Tasks\EPSON SC-P800 Series Update {9AFB6BBE-2199-4C1C-ACD5-97579F84012E}
2019-04-20 16:41 - 2018-09-12 09:21 - 000002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-04-20 16:41 - 2018-06-10 18:58 - 000007586 _____ C:\WINDOWS\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
2019-04-20 16:41 - 2018-06-10 18:58 - 000003750 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-20 16:41 - 2018-06-10 18:58 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-04-20 16:41 - 2018-06-10 18:58 - 000003458 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-04-20 16:41 - 2018-06-10 18:58 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-20 16:41 - 2018-06-10 18:58 - 000003278 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-04-20 16:41 - 2018-06-10 18:58 - 000003234 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-04-20 16:41 - 2018-06-10 18:58 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-20 16:41 - 2018-06-10 18:58 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-117299934-2116951884-1989845370-1001
2019-04-20 16:41 - 2018-06-10 18:58 - 000002850 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-stefanierase@msn.com
2019-04-20 16:41 - 2018-06-10 18:58 - 000002804 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-stefanierase@msn.com
2019-04-20 16:41 - 2018-06-10 18:58 - 000002778 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-7MH20NA-Anderson
2019-04-20 16:41 - 2018-06-10 18:58 - 000002642 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2019-04-20 16:41 - 2018-06-10 18:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-04-20 11:15 - 2018-04-11 17:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-20 11:01 - 2018-12-24 15:52 - 000004286 _____ C:\WINDOWS\System32\Tasks\Avast Cleanup Update
2019-04-20 10:17 - 2018-06-10 18:58 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-04-18 13:48 - 2018-11-25 22:56 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-04-18 13:48 - 2018-11-25 22:56 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-04-18 13:48 - 2018-11-25 22:56 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-04-18 13:48 - 2018-11-25 22:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-04-18 09:00 - 2016-11-17 22:15 - 000000000 ___RD C:\Users\Anderson\Dropbox
2019-04-18 08:56 - 2017-07-18 11:16 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-04-18 08:37 - 2018-04-11 17:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-18 08:31 - 2018-04-11 17:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-18 08:31 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-18 08:31 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-18 08:20 - 2016-11-17 15:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-16 17:14 - 2017-07-18 11:16 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-16 17:12 - 2019-02-13 04:05 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-04-16 17:12 - 2019-01-14 09:11 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-04-16 17:12 - 2019-01-04 13:07 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-04-16 17:12 - 2019-01-04 13:07 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-04-16 17:12 - 2019-01-04 13:07 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-04-16 17:12 - 2019-01-04 13:07 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-04-16 17:12 - 2018-10-10 05:00 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-04-16 17:12 - 2017-11-16 19:41 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-04-16 17:12 - 2017-07-18 11:16 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-04-16 17:12 - 2017-07-18 11:16 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-04-16 17:12 - 2017-07-18 11:16 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-04-16 17:12 - 2017-07-18 11:16 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-04-16 17:12 - 2017-07-18 11:16 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-04-14 20:32 - 2016-11-17 15:05 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-12 20:28 - 2018-06-10 18:21 - 000002372 _____ C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-11 17:03 - 2018-05-16 21:35 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-04-11 17:03 - 2018-05-16 21:35 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-04-11 15:55 - 2017-07-18 11:17 - 000000000 ____D C:\Users\Anderson\AppData\Roaming\AVAST Software
2019-04-11 11:47 - 2016-11-17 10:48 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 11:47 - 2016-11-17 10:48 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-11 10:02 - 2016-11-17 10:51 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-09 20:17 - 2016-11-16 18:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-09 20:01 - 2016-11-16 18:14 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-09 19:22 - 2019-03-17 02:02 - 000000000 ___HD C:\adobeTemp
2019-04-09 07:54 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-09 07:54 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-05 17:51 - 2018-11-15 20:12 - 000000000 ____D C:\Program Files\rempl
2019-04-04 19:14 - 2018-06-10 18:38 - 000793700 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-03 19:52 - 2016-11-17 10:49 - 000000000 ____D C:\ProgramData\Adobe
2019-04-03 19:39 - 2016-11-19 10:53 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-04-03 19:16 - 2018-02-03 17:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-04-03 18:20 - 2016-11-17 22:05 - 000000000 ____D C:\Users\Anderson\Desktop\Stefanie
2019-04-03 16:46 - 2016-11-19 10:45 - 000000000 ____D C:\Program Files\Adobe
2019-04-03 16:26 - 2016-11-17 22:04 - 000000000 ____D C:\Users\Anderson\Desktop\Old Firefox Data
2019-04-03 14:10 - 2013-10-11 14:16 - 000007934 _____ C:\Users\Anderson\Documents\Whole Wheat Bread recipe.odt
2019-04-01 11:51 - 2018-08-15 16:34 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-01 11:51 - 2018-08-15 16:34 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-30 20:00 - 2016-11-30 16:56 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2019-03-29 12:22 - 2018-02-06 20:33 - 000000000 ____D C:\Users\Anderson\AppData\Local\CutePDF Writer
==================== Files in the root of some directories =======
2016-01-10 17:16 - 2016-04-16 19:57 - 000000122 _____ () C:\Users\Anderson\jobq.dat
2016-11-19 11:04 - 2018-12-31 21:31 - 000000033 _____ () C:\Users\Anderson\AppData\Roaming\AdobeWLCMCache.dat
2018-07-04 00:13 - 2018-07-30 20:35 - 000000028 _____ () C:\Users\Anderson\AppData\Roaming\kulerdata.json
2018-09-26 17:05 - 2018-09-26 17:05 - 000000000 _____ () C:\Users\Anderson\AppData\Local\oobelibMkey.log
2018-07-28 22:54 - 2018-08-01 00:11 - 000000600 _____ () C:\Users\Anderson\AppData\Local\PUTTY.RND
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.04.2019
Ran by Anderson (27-04-2019 15:50:04)
Running from C:\Users\Anderson\Downloads
Windows 10 Home Version 1803 17134.706 (X64) (2018-06-11 00:59:46)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-117299934-2116951884-1989845370-500 - Administrator - Disabled)
Anderson (S-1-5-21-117299934-2116951884-1989845370-1001 - Administrator - Enabled) => C:\Users\Anderson
DefaultAccount (S-1-5-21-117299934-2116951884-1989845370-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-117299934-2116951884-1989845370-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-117299934-2116951884-1989845370-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-117299934-2116951884-1989845370-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
AccuRIP (HKLM-x32\...\AccuRIP) (Version: 1.05.051 - Fawkes Engineering / Freehand Graphics)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Bridge CC 2019 (HKLM-x32\...\KBRG_9_0_3) (Version: 9.0.3 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.1.435 - Adobe Systems Incorporated)
Adobe Dreamweaver 2019 (HKLM-x32\...\DRWV_19_1) (Version: 19.1 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_5_0) (Version: 17.5.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Illustrator 2019 (HKLM-x32\...\ILST_23_0_3) (Version: 23.0.3 - Adobe Systems Incorporated)
Adobe InDesign 2019 (HKLM-x32\...\IDSN_14_0_2) (Version: 14.0.2 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_1_0) (Version: 12.1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_6) (Version: 18.1.6 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7102 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 73.0.1258.86 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.9.626 - AVG Technologies)
Backup and Sync from Google (HKLM\...\{F9EEDE46-6409-4ECC-8AB6-7062464987A4}) (Version: 3.43.4275.9540 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Carbonite (HKLM-x32\...\{129A37E4-7280-429B-B2C6-FF2EA057F239}) (Version: 6.3.4 build 7957 (Feb-08-2019) - Carbonite)
CutePDF Writer 3.2 (HKLM\...\CutePDF Writer Installation) (Version: 3.2 - Acro Software Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 71.4.108 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
EPSON SC-P800 Series Printer Uninstall (HKLM\...\EPSON SC-P800 Series) (Version: - SEIKO EPSON Corporation)
Epson Software Updater (HKLM-x32\...\{60A3CB9F-4429-4C7A-AA97-77CC4FE10671}) (Version: 4.4.9 - Seiko Epson Corporation)
Epson SureColor P800 Guide version 1.0 (HKLM-x32\...\UsersGuideEpson SureColor P800 Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{15A0F113-BF2C-4C12-8AA8-42AE0D9AE1C9}) (Version: 3.1.2.0 - SEIKO EPSON Corporation)
FileZilla Client 3.35.1 (HKLM-x32\...\FileZilla Client) (Version: 3.35.1 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
GoTo Opener (HKLM-x32\...\{351B54B2-1AFC-42A7-A8C0-9E05C26F0D1E}) (Version: 1.0.470 - LogMeIn, Inc.)
GoToMeeting 8.44.0.12814 (HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\GoToMeeting) (Version: 8.44.0.12814 - LogMeIn, Inc.)
iCloud (HKLM\...\{5FEE6A85-BB93-49AB-8927-F1D780BB6727}) (Version: 7.8.0.7 - Apple Inc.)
iTunes (HKLM\...\{DF90B2B3-5832-4E85-934D-8048B33A1D67}) (Version: 12.9.4.102 - Apple Inc.)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11425.20244 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 66.0.3 (x64 en-US)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.3.7038 - Mozilla)
Mozilla Thunderbird 60.6.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 60.6.1 (x86 en-US)) (Version: 60.6.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Shrink Pic (remove) (HKLM-x32\...\Shrink Pic) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wise Care 365 5.2.3 (HKLM-x32\...\Wise Care 365_is1) (Version: 5.2.3 - WiseCleaner.com, Inc.)
Zoom (HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-0CD4C1AB600E} -> [Creative Cloud Files] => C:\Users\Anderson\Creative Cloud Files [2016-11-19 10:42]
CustomCLSID: HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Anderson\AppData\Local\GoToMeeting\7716\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Anderson\Dropbox [2016-11-17 22:15]
CustomCLSID: HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-10-01] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Camera (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3" --app-id=hfhhnacclhffhdffklopdkcgdhifgngh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Camera (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5" --app-id=hfhhnacclhffhdffklopdkcgdhifgngh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Camera (3).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6" --app-id=hfhhnacclhffhdffklopdkcgdhifgngh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Camera (4).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 20" --app-id=hfhhnacclhffhdffklopdkcgdhifgngh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Camera (5).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 29" --app-id=hfhhnacclhffhdffklopdkcgdhifgngh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Camera.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2" --app-id=hfhhnacclhffhdffklopdkcgdhifgngh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning (3).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning (4).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 11" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning (5).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 20" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning (6).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 29" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Imagine Learning.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2" --app-id=cmeclblmdmffdgpdlifgepjddoplmmal
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady (3).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady (4).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 11" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady (5).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 20" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady (6).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 29" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\iReady.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2" --app-id=hlibmedjdjgnlnnlmjanmlgdegeldimh
ShortcutWithArgument: C:\Users\Anderson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f04b99502c311012\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 44"
==================== Loaded Modules (Whitelisted) ==============
2015-06-17 17:44 - 2015-06-17 17:44 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 000344064 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2013-11-15 00:47 - 2013-11-15 00:47 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2013-11-15 00:47 - 2013-11-15 00:47 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2009-05-04 10:20 - 2009-05-04 10:20 - 002528256 _____ () [File not signed] C:\Program Files (x86)\Shrink Pic\shrink_pic.exe
2019-04-20 10:43 - 2019-04-20 10:43 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM\23e628c030049e8c0d07b78014827e03\MOM.ni.exe
2019-04-20 10:43 - 2019-04-20 10:43 - 000391680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\b9a7ad5a9068b811513115f9cd8ac80c\MOM.Implementation.ni.dll
2019-04-20 10:35 - 2019-04-20 10:35 - 000132096 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\979eb55a8120ba4af26bd1bf0642add0\LOG.Foundation.ni.dll
2019-04-20 10:35 - 2019-04-20 10:35 - 000146432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\bbcea7b238ee69121b9934586a52065e\LOG.Foundation.Private.ni.dll
2019-04-20 10:42 - 2019-04-20 10:42 - 000289792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\e7f5483b1646e6fa2a1fcd4b9308b10e\LOG.Foundation.Implementation.ni.dll
2019-04-20 10:36 - 2019-04-20 10:36 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\7effe05a6141dfb29f8fdd26abf02623\MOM.Foundation.ni.dll
2019-04-20 10:36 - 2019-04-20 10:36 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\a093d75ad676040ac1e079648e72e0c3\LOG.Foundation.Implementation.Private.ni.dll
2019-04-20 10:36 - 2019-04-20 10:36 - 000199168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\0058a791ec0f65262c2200c265488e85\CCC.Implementation.ni.dll
2019-04-27 12:57 - 2019-04-27 12:57 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\python27.dll
2019-04-27 12:57 - 2019-04-27 12:57 - 000113664 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_ctypes.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 000080896 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\bz2.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 001792512 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_hashlib.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000128512 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32api.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000137728 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\pywintypes27.dll
2019-04-27 12:57 - 2019-04-27 12:58 - 000548864 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\pythoncom27.dll
2019-04-27 12:58 - 2019-04-27 12:58 - 000689664 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\unicodedata.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000438784 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32com.shell.shell.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 001489408 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wx._core_.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wxbase30u_net_vc90_x64.dll
2019-04-27 12:58 - 2019-04-27 12:58 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wxbase30u_vc90_x64.dll
2019-04-27 12:58 - 2019-04-27 12:58 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wxmsw30u_adv_vc90_x64.dll
2019-04-27 12:58 - 2019-04-27 12:58 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wxmsw30u_core_vc90_x64.dll
2019-04-27 12:58 - 2019-04-27 12:58 - 001007104 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wx._gdi_.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 001039872 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wx._windows_.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wxmsw30u_html_vc90_x64.dll
2019-04-27 12:58 - 2019-04-27 12:58 - 001325056 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wx._controls_.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000916992 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wx._misc_.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 001084416 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\pysqlite2._sqlite.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000149504 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32file.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000136192 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32security.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 000007680 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\hashobjs_ext.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000020992 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\thumbnails_ext.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000118784 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\usb_ext.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 000047616 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_socket.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 002224640 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_ssl.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 000014848 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\common.time34.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000023040 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32event.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000034304 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\windows.conditional.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000020480 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\windows.winwrap.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000110080 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\windows.volumes.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000223232 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32gui.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 000173568 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_elementtree.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 000169472 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\pyexpat.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000048128 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32inet.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000103424 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wx._html2.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\wxmsw30u_webview_vc90_x64.dll
2019-04-27 12:57 - 2019-04-27 12:57 - 000046080 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_psutil_windows.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000011776 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32crypt.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 000301568 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\PIL._imaging.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 000032256 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_multiprocessing.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 005752320 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\cello.pyd
2019-04-27 12:57 - 2019-04-27 12:57 - 000026112 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\_yappi.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000044032 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32process.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000027648 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32pipe.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000010752 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\select.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000029696 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32pdh.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000038400 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\windows.connectivity.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000073216 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\windows.device_monitor.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000020480 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32profile.pyd
2019-04-27 12:58 - 2019-04-27 12:58 - 000026624 _____ () [File not signed] C:\Users\Anderson\AppData\Local\Temp\_MEI41162\win32ts.pyd
2019-04-20 10:36 - 2019-04-20 10:36 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC\e1637f1318b74f4cee52c3e29f211730\CCC.ni.exe
2019-04-20 10:36 - 2019-04-20 10:36 - 000295424 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\2ea0fe37993a3a70a0e1b16d28845d10\CLI.Foundation.ni.dll
2017-06-27 22:25 - 2017-06-27 22:25 - 004452352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5Widgets.dll
2017-06-27 22:19 - 2017-06-27 22:19 - 004960256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5Gui.dll
2017-06-27 22:12 - 2017-06-27 22:12 - 000150528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5Xml.dll
2017-06-27 22:18 - 2017-06-27 22:18 - 000952320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5Network.dll
2018-12-10 19:32 - 2018-12-10 19:32 - 004763136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5Core.dll
2017-06-27 22:13 - 2017-06-27 22:13 - 000155648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5Sql.dll
2018-12-10 19:16 - 2018-12-10 19:16 - 000064000 _____ () [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\plugins\HalftonerAmFm.dll
2018-12-10 19:16 - 2018-12-10 19:16 - 000117760 _____ () [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\plugins\HalftonerJawsAm.dll
2017-06-27 22:26 - 2017-06-27 22:26 - 000267264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\Qt5PrintSupport.dll
2018-12-10 19:18 - 2018-12-10 19:18 - 000060928 _____ () [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\plugins\OutputerWin32.dll
2018-12-10 19:17 - 2018-12-10 19:17 - 000109568 _____ () [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\plugins\PrinterCanon.dll
2018-12-10 19:17 - 2018-12-10 19:17 - 000281600 _____ () [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\plugins\PrinterEpson.dll
2018-12-10 19:17 - 2018-12-10 19:17 - 000055808 _____ () [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\plugins\PrinterRyonetDts.dll
2017-06-27 22:30 - 2017-06-27 22:30 - 000829440 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Fawkes Engineering\AccuRIP\sqldrivers\qsqlite.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-24 15:10 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2009-05-04 09:24 - 2009-05-04 09:24 - 000187392 _____ () [File not signed] C:\Program Files (x86)\Shrink Pic\shrinkpici.dll
2018-12-24 15:51 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\sharepoint.com -> hxxps://studentssnow-files.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 05:47 - 2019-01-04 04:56 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_5CAF00AE0FF87E34AC799D4A843F69A7"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{85BA9908-75E8-42EA-83E1-F381CFA7759C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{518A9C96-C376-4A0C-9A3E-7ED185E9BA93}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B738EC9B-E3CE-4424-93F8-01F898CBDF96}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{16C66ED8-C19A-4E8C-BF42-7D47A2B35C2C}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [TCP Query User{489DE0AA-9C13-44B6-97DD-C6D31152AA9D}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [UDP Query User{A419D628-C581-45E6-BE60-FC38CAB2E122}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [TCP Query User{A4410F06-749E-424E-895D-17E0ADF6B4F7}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Adobe Systems Incorporated -> Joyent, Inc)
FirewallRules: [{C330F7C4-CC81-48FB-91AD-1DD4DEA708FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{831AB0F0-77EF-49E5-A641-40251FC229D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7656BEF3-351D-4810-973C-B304A1A1B853}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{86E447D0-1E7A-4F80-B3A4-BCF4B934DB24}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{51C454E5-EFC1-4518-AE9A-474C70A04CEB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6825A35E-E4F2-4237-9BF1-A6552CB44260}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5A3B9A24-ED6C-4992-907A-22F99BF8BAA4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5E18A03-55A4-4364-A3AD-3619805E9057}] => (Allow) C:\Program Files\Adobe\Adobe Dreamweaver CC 2017\Dreamweaver.exe (Adobe Systems Incorporated -> Adobe Systems, Inc.)
FirewallRules: [{28ED60FA-7C71-436A-956A-CCE88EC779FD}] => (Allow) C:\Program Files\Adobe\Adobe Dreamweaver CC 2017\Dreamweaver.exe (Adobe Systems Incorporated -> Adobe Systems, Inc.)
FirewallRules: [{827176E0-6361-46D0-8F7E-A0860FA44268}] => (Allow) C:\Program Files\Adobe\Adobe Dreamweaver CC 2017\Dreamweaver.exe (Adobe Systems Incorporated -> Adobe Systems, Inc.)
FirewallRules: [{2F3FAF2B-3037-45D8-BE72-624D3E28A8B1}] => (Allow) C:\Program Files\Adobe\Adobe Dreamweaver CC 2017\Dreamweaver.exe (Adobe Systems Incorporated -> Adobe Systems, Inc.)
FirewallRules: [{0E359C0E-7B8C-4A75-9701-FA20ACAC120C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{96C1D474-A642-480B-ABF1-C47E359778FE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0937DBA-0490-498E-84E1-107E85C9FFCE}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{41D1FA0E-DBDC-4573-A897-E560E5DA0CBD}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{CA681EF9-A38A-41D9-A047-58F07715030D}] => (Allow) C:\Program Files (x86)\Fawkes Engineering\AccuRIP\AccuRIP.exe (Fawkes Engineering, Inc. -> Fawkes Engineering Inc)
FirewallRules: [{A56FE2FB-D59C-4714-9A39-9971807C5C12}] => (Allow) C:\Program Files (x86)\Fawkes Engineering\AccuRIP\RipCore.exe (Fawkes Engineering, Inc. -> )
FirewallRules: [TCP Query User{DE92719E-24AE-4D52-9EAD-AB6B3889E9D0}C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [UDP Query User{BF31F9EE-5ACF-44D1-A9B9-933D94A84FC5}C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [TCP Query User{1C85C3EA-5637-46A5-8429-AE5EFFB4BDAA}C:\program files\adobe\adobe dreamweaver cc 2019\dreamweaver.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2019\dreamweaver.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [UDP Query User{C4E2FE97-D3FF-4E0D-81CE-12260D012DA0}C:\program files\adobe\adobe dreamweaver cc 2019\dreamweaver.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2019\dreamweaver.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{23F1EDD2-3E78-4D3E-B2F0-B85ADB1DA770}] => (Block) C:\program files\adobe\adobe dreamweaver cc 2019\dreamweaver.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{ABC47733-1C9C-46B6-AAEC-ABCBCB84F8B7}] => (Block) C:\program files\adobe\adobe dreamweaver cc 2019\dreamweaver.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{6C4B49F7-8D88-4CF0-BFEB-2907180E960C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D0D4308F-3650-4D3F-B1CA-62A812AC211A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{89AB685C-207A-4D8D-B9F5-40D50AFE8B78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{D00F1F50-C9A9-4DB7-81F9-B504F9967B12}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{C4BDE8E8-6E2D-4F3F-8B9C-325BCC17E2F6}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5F2E7F88-978C-4777-8572-CD76FB780447}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
25-04-2019 18:16:57 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/27/2019 07:11:00 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/26/2019 04:15:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PhotoScreensaver.scr version 10.0.17134.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 45ac
Start Time: 01d4fc7b40b17d4c
Termination Time: 13
Application Path: C:\Windows\System32\PhotoScreensaver.scr
Report Id: ec8d864d-0271-4f85-8f33-c69007f41458
Faulting package full name:
Faulting package-relative application ID:
Error: (04/26/2019 07:11:05 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/25/2019 11:12:02 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Google Chrome because of this error.
Program: Google Chrome
File:
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
Additional Data
Error value: 00000000
Disk type: 0
Error: (04/25/2019 11:12:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 73.0.3683.103, time stamp: 0x5ca43dd0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000096
Fault offset: 0x00007ffb06280024
Faulting process id: 0x3538
Faulting application start time: 0x01d4fbee89dbe9ba
Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Faulting module path: unknown
Report Id: a13293d3-75d3-4dda-8ce0-dde1acea4453
Faulting package full name:
Faulting package-relative application ID:
Error: (04/25/2019 10:57:01 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Google Chrome because of this error.
Program: Google Chrome
File:
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
Additional Data
Error value: 00000000
Disk type: 0
Error: (04/25/2019 10:57:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 73.0.3683.103, time stamp: 0x5ca43dd0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000096
Fault offset: 0x00007ffb06280024
Faulting process id: 0x76c
Faulting application start time: 0x01d4fbec6723551f
Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Faulting module path: unknown
Report Id: 3411aac0-4a8c-465f-92cb-1f2365530aa0
Faulting package full name:
Faulting package-relative application ID:
Error: (04/25/2019 05:40:44 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
System errors:
=============
Error: (04/27/2019 04:10:51 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7MH20NA)
Description: DCOM got error "2" attempting to start the service AvastSecureBrowserElevationService with arguments "Unavailable" in order to run the server:
{620A093F-79D3-4CAB-8CAD-EB1A39A8C0A2}
Error: (04/27/2019 04:10:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Secure Browser Elevation Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (04/27/2019 03:07:28 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7MH20NA)
Description: DCOM got error "2" attempting to start the service AvastSecureBrowserElevationService with arguments "Unavailable" in order to run the server:
{620A093F-79D3-4CAB-8CAD-EB1A39A8C0A2}
Error: (04/27/2019 03:07:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Secure Browser Elevation Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (04/27/2019 02:11:04 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7MH20NA)
Description: DCOM got error "2" attempting to start the service AvastSecureBrowserElevationService with arguments "Unavailable" in order to run the server:
{620A093F-79D3-4CAB-8CAD-EB1A39A8C0A2}
Error: (04/27/2019 02:11:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Secure Browser Elevation Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (04/27/2019 01:21:19 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7MH20NA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-7MH20NA\Anderson SID (S-1-5-21-117299934-2116951884-1989845370-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/27/2019 01:18:38 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-7MH20NA)
Description: DCOM got error "2" attempting to start the service AvastSecureBrowserElevationService with arguments "Unavailable" in order to run the server:
{620A093F-79D3-4CAB-8CAD-EB1A39A8C0A2}
CodeIntegrity:
===================================
Date: 2019-03-29 12:06:47.970
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-02-20 08:18:46.870
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-02-12 19:21:16.231
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-02-09 22:05:44.559
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-02-05 20:03:40.662
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-28 19:18:56.388
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-27 19:19:28.258
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-26 16:58:33.453
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: AMI 8.05 08/13/2012
Motherboard: PEGATRON CORPORATION 2AE4
Processor: AMD E2-1800 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 44%
Total physical RAM: 11854.37 MB
Available physical RAM: 6563.46 MB
Total Virtual: 13646.37 MB
Available Virtual: 8637.52 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.19 GB) (Free:582.6 GB) NTFS
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.41 GB) (Free:905.16 GB) NTFS
\\?\Volume{fa9cd85e-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{fa9cd85e-0000-0000-0000-30abe8000000}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: D7DE19C2)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
- 04-28-2019 08:47 AM #6
I don't like this program
Wise Care 365 5.2.3
It runs a windows task all the time and does little to benefit the machine
No Malware seen in the log just some left overs.
Avast seems to have some problems, might want to uninstall it and reinstall It. May be interesting to see how computer runs without Avast before you go reinstalling it.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
Code:start CloseProcesses: CreateRestorePoint: (AVG Netherlands B.V. -> ) C:\Program Files (x86)\AVG Web TuneUp\vprot.exe C:\Program Files (x86)\AVG Web TuneUp HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [AdobeBridge] => [X] FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION Task: {EEA1FB7B-47CC-429F-8F64-35EDB1D5088E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION SearchScopes: HKU\S-1-5-21-117299934-2116951884-1989845370-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BE319FEB-6DEC-4236-9D1D-A71B616C06FA}&mid=6c953a8de64647cfba719d3bff70a205-803e381f556cfccec69a2dff7c5ae3ce1e16db0b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0717tb&pr=fr&d=2016-11-21 23:01:39&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms} CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-24] CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-29] CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-03-16] CustomCLSID: HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Anderson\AppData\Local\GoToMeeting\7716\G2MOutlookAddin64.dll => No File CMD: bitsadmin /reset /allusers CMD: ipconfig /flushdns Emptytemp:
- Click Format and ensure Wordwrap is unchecked.
- Save as Fixlist.txt to C:\Users\Anderson\Downloads (Must be in this location)
- Run FRST/FRST64 and press the Fix button just once and wait.
- If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
- The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.Last edited by zep516; 04-28-2019 at 11:18 AM.
- 04-28-2019 04:32 PM #7
So, all was going well. I was sitting playing on my phone and waiting for the scan to finish, when I got this notice from avast:
Threat secured
We've moved the threat FRST64.exe to your Virus Chest
Threat name: IDP.Generic
File path: C:\\USERS\Anderson\Downloads\FRST64.exe
Process: C:\\Windows\System32\cmd.exe
Detected by: Behavior Shield
Status: Moved to Virus Chest
- 04-28-2019 04:57 PM #8
Hello,
Some Anti virus programs think FRST64.EXE is malware Avast is one of them. Uninstall Avast, re-download farber recovery scan tool (FRST) and follow the rest of the instructions in post #6
- 04-29-2019 03:52 PM #9
Fix result of Farbar Recovery Scan Tool (x64) Version: 28.04.2019
Ran by Anderson (29-04-2019 14:36:23) Run:3
Running from C:\Users\Anderson\Downloads
Loaded Profiles: defaultuser0 & Anderson (Available Profiles: defaultuser0 & Anderson)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
CreateRestorePoint:
(AVG Netherlands B.V. -> ) C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\AVG Web TuneUp
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\...\Run: [AdobeBridge] => [X]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {EEA1FB7B-47CC-429F-8F64-35EDB1D5088E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
SearchScopes: HKU\S-1-5-21-117299934-2116951884-1989845370-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BE319FEB-6DEC-4236-9D1D-A71B616C06FA}&mid=6c953a8de64647cfba719d3bff70a205-803e381f556cfccec69a2dff7c5ae3ce1e16db0b&lang=en&ds=AVG&coid=avgtbavg&cmpid=0717tb&pr=fr&d=2016-11-21 23:01:39&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-24]
CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-29]
CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-03-16]
CustomCLSID: HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Anderson\AppData\Local\GoToMeeting\7716\G2MOutlookAddin64.dll => No File
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
Emptytemp:
*****************
Processes closed successfully.
Restore point was successfully created.
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe => No running process found
"C:\Program Files (x86)\AVG Web TuneUp" => not found
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-117299934-2116951884-1989845370-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEA1FB7B-47CC-429F-8F64-35EDB1D5088E}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
HKU\S-1-5-21-117299934-2116951884-1989845370-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-24] => Error: No automatic fix found for this entry.
CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-08-29] => Error: No automatic fix found for this entry.
CHR Extension: (AVG Secure Search) - C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-03-16] => Error: No automatic fix found for this entry.
HKU\S-1-5-21-117299934-2116951884-1989845370-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309} => not found
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to cancel {DA90A048-196A-4177-9449-AD51C56A8C79}.
Unable to cancel {A26F7679-8D6B-4E8B-AE03-4E845C05EA69}.
0 out of 2 jobs canceled.
========= End of CMD: =========
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 20152888 B
Java, Flash, Steam htmlcache => 1448 B
Windows/system/drivers => 426869 B
Edge => 9547 B
Chrome => 1917873 B
Firefox => 62200182 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7210 B
LocalService => 0 B
NetworkService => 7708 B
NetworkService => 0 B
defaultuser0 => 0 B
Anderson => 109259016 B
RecycleBin => 0 B
EmptyTemp: => 195.3 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:39:50 ====
- 04-29-2019 03:56 PM #10
Next download AdwCleaner from Malwarebytes and run it.
https://www.malwarebytes.com/adwcleaner/