Despite my computer's scanning clear as per help I received last month, I'm still having severe problems with yahoo mail - freezing, pages not loading properly, inability to delete messages, and now so many of my own emails going unanswered, it seems they're not being delivered. (Here is the original topic, now closed: https://www.bleepingcomputer.com/forums/t/634865/avast-mbam-dont-id-infection-that-keeps-returning-upon-startup/#entry4141572 )
I was advised then to run RogueKiller if any problems returned. The scan turns up four suspicious paths related to my firewall. Here's the report:
Thanks so much for the assistance.
RogueKiller V12.9.5.0 (x64) [Jan 23 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Normal mode
User : Janet [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 01/25/2017 10:30:52 (Duration : 00:41:49)
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 4 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {C24BCDF3-CCF5-4445-95C3-12FB8DCC86F4} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Janet\AppData\Local\Temp\7zS3216\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {0540C7F9-904B-4F8E-A499-E4E915305465} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Janet\AppData\Local\Temp\7zS3216\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {395BF7FB-88B7-404F-B21B-DE3AF213D821} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Janet\AppData\Local\Temp\7zS5278\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {0ABE247F-83C2-4451-9E67-A5AFB58B1A43} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Janet\AppData\Local\Temp\7zS5278\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10JPVX-60JC3T0 SATA Disk Device +++++
--- User ---
[MBR] 718108248237bd7a6fb5c674a80f158c
[BSP] 36e824859a7492ec4de06826f6f47e7e : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 650 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1333248 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1865728 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2127872 | Size: 928939 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1904596992 | Size: 857 MB
5 - [SYSTEM] Basic data partition | Offset (sectors): 1906352128 | Size: 23028 MB
User = LL1 ... OK
User = LL2 ... OK