Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

coinbase account hacked

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

coinbase account hacked

Unread postby BranchDavidian » November 26th, 2018, 12:31 pm

OTL.Txt
I was unable to use FRST.
On Thangsgiving, I attempted to log-in to my coinbase account. Strangely, it looked like two pages were trying to display at the same time. Only some of the buttons would work. I discovered in my security settings that the amount required to sent me notifications of any transactions had been changed from 0 to $12,000. After changing that back to 0, I logged out and tried logging back in hoping that that would clear up the log-in issue.
At that point, I received an e-mail from Coinbase informing me that my 2-factor authentication settings had been changed. I immediately responded asking what and why, and coinbase support responded by shutting my account down and putting a specialist on the case. They said I would be updated when they could, but have heard nothing since.
It looks like someone gained access to my account and then changed any settings that would allow me to be notified or log-in.
You do not have the required permissions to view the files attached to this post.
BranchDavidian
Regular Member
 
Posts: 15
Joined: November 26th, 2018, 8:15 am
Advertisement
Register to Remove

Re: coinbase account hacked

Unread postby BranchDavidian » November 26th, 2018, 12:36 pm

OTL logfile created on: 11/26/2018 8:29:44 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dave\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.19180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 41.20% Memory free
7.93 Gb Paging File | 5.18 Gb Available in Paging File | 65.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.67 Gb Total Space | 846.40 Gb Free Space | 92.13% Space Free | Partition Type: NTFS
Drive D: | 12.75 Gb Total Space | 1.56 Gb Free Space | 12.28% Space Free | Partition Type: NTFS

Computer Name: DAVE-HP | User Name: Dave | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2018/11/26 08:27:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dave\Downloads\OTL.exe
PRC - [2018/11/06 08:09:00 | 000,027,464 | ---- | M] (The Qt Company Ltd) -- C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
PRC - [2018/11/06 08:07:54 | 003,785,536 | ---- | M] (Dropbox, Inc.) -- C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
PRC - [2018/10/05 16:08:26 | 000,213,448 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Frontier\fshoster32.exe
PRC - [2018/01/23 14:02:34 | 001,032,624 | ---- | M] (McAfee Inc.) -- C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
PRC - [2017/11/08 11:03:20 | 001,793,088 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2014/10/08 17:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2014/10/08 17:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/09/11 04:02:22 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe


========== Modules (No Company Name) ==========

MOD - [2018/11/14 09:00:39 | 019,974,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\72f6f14dea7755ecc0a699a13ac2d2ac\System.ServiceModel.ni.dll
MOD - [2018/11/14 09:00:24 | 000,530,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\5d3a65f361e9d65944252036b6b3e34b\System.Net.Http.ni.dll
MOD - [2018/11/14 09:00:09 | 000,396,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\fb4ec630bb495b05a94e130a82cb39f6\System.Xml.Linq.ni.dll
MOD - [2018/11/14 08:59:39 | 000,524,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\dfbffab769acac73d5865a68a97b5c11\UIAutomationTypes.ni.dll
MOD - [2018/11/14 08:59:36 | 000,017,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\1ac35f9fca61015c61f8deab39bbc967\PresentationFramework-SystemXml.ni.dll
MOD - [2018/11/14 08:59:33 | 000,022,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a6349c#\b1c039ddc8d05089af62cd3ffe589cc1\PresentationFramework-SystemCore.ni.dll
MOD - [2018/11/14 06:36:34 | 002,850,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\728ca64696aa577d65b4ee0dfb13d67b\System.Runtime.Serialization.ni.dll
MOD - [2018/11/14 06:36:25 | 013,971,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\47df519154ec329f37b6d1ce1ef38614\System.Web.ni.dll
MOD - [2018/11/14 06:36:18 | 007,589,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\8de2fd7c4d86442b01354b229c65fb05\System.Xml.ni.dll
MOD - [2018/11/14 06:36:12 | 019,945,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\d88693df9518fbec7e8818e06182d8bb\PresentationFramework.ni.dll
MOD - [2018/11/14 06:36:11 | 000,811,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\14d9026fd5f2f91da76bb2391285ac92\System.Runtime.Remoting.ni.dll
MOD - [2018/11/14 06:36:05 | 013,740,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\111666b196e039bc59758dc6f30a7107\System.Windows.Forms.ni.dll
MOD - [2018/11/14 06:35:57 | 001,646,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\65a4729541f4a974fc5efe9cc3ac33c7\System.Drawing.ni.dll
MOD - [2018/11/14 06:35:56 | 012,231,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8eb135b8a1cb3d997279ce56b3d0fbb1\PresentationCore.ni.dll
MOD - [2018/11/14 06:35:56 | 002,035,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\2c6450a047d66385bfc61452fd3a9105\System.Xaml.ni.dll
MOD - [2018/11/14 06:35:50 | 001,020,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\35f8b5cc8f49e6c2c9d5497c225474ff\System.Configuration.ni.dll
MOD - [2018/11/14 06:35:48 | 008,268,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\19eccc441e56bfbe235c8d7ad26050ff\System.Data.ni.dll
MOD - [2018/11/14 06:35:47 | 004,126,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\f03523a47efac64c80036b5114d47d2e\WindowsBase.ni.dll
MOD - [2018/11/14 06:35:40 | 008,246,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\617b0fe3f9f60925590d44aec6d917de\System.Core.ni.dll
MOD - [2018/11/14 06:35:36 | 000,304,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatiod51afaa5#\0405261f5845372fc040e23e55b44c91\PresentationFramework.classic.ni.dll
MOD - [2018/11/14 06:35:30 | 010,542,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\5b8db91804b447cbd196a4f28ded55a7\System.ni.dll
MOD - [2018/11/14 06:35:20 | 020,514,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\31202f32d626603baaac9a296830c313\mscorlib.ni.dll
MOD - [2018/11/06 08:09:18 | 000,029,040 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
MOD - [2018/11/06 08:09:16 | 000,061,792 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
MOD - [2018/11/06 08:09:16 | 000,051,552 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
MOD - [2018/11/06 08:09:16 | 000,028,520 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
MOD - [2018/11/06 08:09:14 | 000,033,632 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
MOD - [2018/11/06 08:09:14 | 000,029,544 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
MOD - [2018/11/06 08:09:14 | 000,025,960 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
MOD - [2018/11/06 08:09:12 | 000,028,520 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
MOD - [2018/11/06 08:09:12 | 000,028,008 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
MOD - [2018/11/06 08:09:12 | 000,025,448 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
MOD - [2018/11/06 08:09:10 | 000,034,664 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
MOD - [2018/11/06 08:09:10 | 000,025,960 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
MOD - [2018/11/06 08:09:08 | 000,025,960 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
MOD - [2018/11/06 08:09:08 | 000,025,448 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd
MOD - [2018/11/06 08:09:06 | 000,068,968 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
MOD - [2018/11/06 08:09:06 | 000,035,680 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
MOD - [2018/11/06 08:09:04 | 000,401,752 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
MOD - [2018/11/06 08:09:02 | 000,092,488 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
MOD - [2018/11/06 08:09:02 | 000,023,376 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
MOD - [2018/11/06 08:08:30 | 003,821,392 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
MOD - [2018/11/06 08:08:30 | 000,102,736 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
MOD - [2018/11/06 08:08:28 | 000,218,456 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
MOD - [2018/11/06 08:08:28 | 000,132,944 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
MOD - [2018/11/06 08:08:26 | 000,156,504 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
MOD - [2018/11/06 08:08:26 | 000,052,056 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
MOD - [2018/11/06 08:08:26 | 000,044,888 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
MOD - [2018/11/06 08:08:26 | 000,037,200 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
MOD - [2018/11/06 08:08:24 | 000,530,768 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
MOD - [2018/11/06 08:08:24 | 000,348,496 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
MOD - [2018/11/06 08:08:24 | 000,205,656 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
MOD - [2018/11/06 08:08:22 | 001,929,552 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
MOD - [2018/11/06 08:08:22 | 000,518,992 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
MOD - [2018/11/06 08:08:20 | 001,778,000 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
MOD - [2018/11/06 08:08:18 | 011,144,016 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd
MOD - [2018/11/06 08:08:18 | 000,074,072 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
MOD - [2018/11/06 08:08:16 | 001,592,128 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
MOD - [2018/11/06 08:08:16 | 000,029,024 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
MOD - [2018/11/06 08:08:14 | 000,083,784 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
MOD - [2018/11/06 08:08:14 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\libEGL.dll
MOD - [2018/11/06 08:08:12 | 000,433,992 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.dll
MOD - [2018/11/06 08:08:08 | 001,953,640 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
MOD - [2018/11/06 08:08:08 | 000,031,600 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
MOD - [2018/11/06 08:08:08 | 000,025,960 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
MOD - [2018/11/06 08:08:06 | 000,027,488 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
MOD - [2018/11/06 08:08:06 | 000,025,944 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
MOD - [2018/11/06 08:08:06 | 000,025,456 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
MOD - [2018/11/06 08:06:54 | 002,103,112 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
MOD - [2018/11/06 08:06:54 | 001,141,064 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
MOD - [2018/11/06 08:06:54 | 000,418,776 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
MOD - [2018/11/06 08:06:54 | 000,118,232 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
MOD - [2018/11/06 08:06:54 | 000,036,312 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\librsync.dll
MOD - [2018/11/06 08:06:42 | 000,486,880 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,182,752 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,142,312 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,131,552 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,119,272 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,109,024 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,065,504 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,061,408 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,053,736 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,049,128 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,032,224 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,028,640 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,027,624 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,027,616 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,027,616 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,026,600 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,023,520 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd


========== Services (SafeList) ==========

SRV:64bit: - [2018/11/06 08:06:54 | 000,051,024 | ---- | M] (Dropbox, Inc.) [Auto | Running] -- C:\Windows\SysNative\DbxSvc.exe -- (DbxSvc)
SRV:64bit: - [2018/10/11 21:00:18 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2018/09/27 03:44:16 | 000,405,392 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.11.812\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2018/08/13 16:49:28 | 001,391,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2017/11/21 22:42:19 | 000,332,216 | ---- | M] (HP Inc.) [Auto | Running] -- C:\Program Files\hp\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe -- (HPTouchpointAnalyticsService)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/08/05 22:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV - [2018/11/23 03:37:57 | 000,216,528 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2018/11/21 06:02:27 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2018/11/19 12:31:51 | 000,100,808 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\ulcore\1542633654\fsorsp64.exe -- (fsulorsp)
SRV - [2018/11/19 12:31:19 | 000,580,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\ulcore\1542633654\fsulprothoster.exe -- (fsulprothoster)
SRV - [2018/11/19 12:31:19 | 000,580,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\ulcore\1542633654\fshoster64.exe -- (fsulnethoster)
SRV - [2018/11/19 12:31:19 | 000,580,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\ulcore\1542633654\fshoster64.exe -- (fsulhoster)
SRV - [2018/10/05 16:08:26 | 000,213,448 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\fshoster32.exe -- (fsnethoster)
SRV - [2018/10/05 16:08:26 | 000,213,448 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\fshoster32.exe -- (fshoster)
SRV - [2018/06/13 07:00:58 | 000,333,688 | ---- | M] (HP Inc.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2018/03/26 15:24:54 | 000,107,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2018/01/23 14:02:16 | 000,320,944 | ---- | M] (AnchorFree Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe -- (McAfee Vpn Service)
SRV - [2017/11/08 11:03:20 | 001,793,088 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2016/11/04 17:30:35 | 000,143,144 | ---- | M] (Dropbox, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdatem)
SRV - [2016/11/04 17:30:35 | 000,143,144 | ---- | M] (Dropbox, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdate)
SRV - [2014/10/08 17:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2014/10/08 17:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2014/03/20 17:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2010/09/11 04:02:22 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/06/18 20:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2018/08/07 05:50:30 | 000,065,872 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)
DRV:64bit: - [2018/01/23 14:02:16 | 000,048,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aftap0901.sys -- (aftap0901)
DRV:64bit: - [2017/10/10 20:42:04 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2016/08/08 20:52:01 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/10/08 17:18:54 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2014/10/08 17:18:54 | 000,029,352 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2014/10/08 17:18:54 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2014/10/08 17:18:50 | 000,766,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/03 01:59:26 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/04/20 23:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/02/26 04:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2018/11/22 06:19:37 | 000,109,616 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\nif\1542882815\fsni64.sys -- (fsni)
DRV - [2018/11/19 12:31:25 | 000,251,560 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\ulcore\1542633654\fsulgk.sys -- (F-Secure Gatekeeper)
DRV - [2018/11/19 12:31:08 | 000,102,048 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\ulcore\1542633654\fshs.sys -- (F-Secure UL HIPS)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" = http://rover.ebay.com/rover/1/711-11109 ... 4?satitle={searchTerms}&mfe=Desktops
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" = http://rover.ebay.com/rover/1/711-11109 ... 4?satitle={searchTerms}&mfe=Desktops
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?pc=UE07&ocid=UE07DHP
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 42 9B 46 B7 80 B7 D1 01 [binary data]
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = F7 D8 F5 BC 7B B7 D1 01 [binary data]
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.cohort: "nov17-2"
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.region: "US"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Dave\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ols@f-secure.com: C:\PROGRAM FILES (X86)\FRONTIER\APPS\ULTRALIGHT\NIF\1542882815\BROWSER\INSTALL\FS_FIREFOX_HTTPS\FS_FIREFOX_HTTPS.XPI [2018/11/22 06:19:36 | 000,024,300 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 63.0.3\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 63.0.3\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ols@f-secure.com: C:\Program Files (x86)\Frontier\apps\Ultralight\nif\1542882815\browser\install\fs_firefox_https\fs_firefox_https.xpi [2018/11/22 06:19:36 | 000,024,300 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 63.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 63.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/05/12 15:10:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Extensions
[2017/11/17 00:21:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\SystemExtensionsDev
[2018/09/18 07:20:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5folwg29.default-1520381846524\browser-extension-data
[2018/09/18 07:20:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5folwg29.default-1520381846524\browser-extension-data\fxmonitor@mozilla.org
[2018/06/28 06:30:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5folwg29.default-1520381846524\browser-extension-data\screenshots@mozilla.org
[2018/09/13 05:59:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5folwg29.default-1520381846524\extensions
[2018/02/10 08:40:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\browser-extension-data
[2018/02/10 08:40:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\browser-extension-data\@Package
[2018/03/06 19:15:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\browser-extension-data\_1cMembers_@www.bringmesports.com
[2018/03/06 19:15:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\browser-extension-data\_fwMembers_@free.howtosuite.com
[2018/03/06 19:17:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\browser-extension-data\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2018/02/09 10:50:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\browser-extension-data\screenshots@mozilla.org
[2018/02/10 08:40:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\extensions
[2018/11/23 07:13:20 | 000,049,869 | ---- | M] () (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5folwg29.default-1520381846524\features\{3ec76d73-4062-43a3-b9b0-bf04372f3647}\fxmonitor@mozilla.org.xpi
[2018/02/10 08:40:33 | 000,015,319 | ---- | M] () (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\extensions\@Package.xpi
[2017/11/10 22:54:36 | 000,054,364 | ---- | M] () (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\extensions\_1cMembers_@www.bringmesports.com.xpi
[2017/11/10 22:54:42 | 000,047,299 | ---- | M] () (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\extensions\_fwMembers_@free.howtosuite.com.xpi
[2017/12/12 08:28:16 | 001,044,671 | ---- | M] () (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/11/18 05:16:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2016/11/18 05:16:14 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\3.4.1_0\
CHR - Extension: No name found = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb\2.6.0_0\
CHR - Extension: No name found = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.34.0_0\
CHR - Extension: No name found = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\
CHR - Extension: No name found = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7018.903.0.0_0\

O1 HOSTS File: ([2018/09/27 11:11:52 | 000,000,409 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2:64bit: - BHO: (Browsing Protection by F-Secure) - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\Frontier\apps\Ultralight\nif\1542882815\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (HP Inc.)
O2:64bit: - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Eyeo GmbH)
O2 - BHO: (Browsing Protection by F-Secure) - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\Frontier\apps\Ultralight\nif\1542882815\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (HP Inc.)
O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Eyeo GmbH)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dropbox] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000..\Run: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe (McAfee Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A2454C5-C2E9-4D1B-92B8-9D69E2103883}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBF78C88-3FBB-4286-9B47-330DB71E5269}: DhcpNameServer = 8.8.8.8 8.8.4.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2018/11/14 06:30:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2018/11/14 01:00:41 | 002,319,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2018/11/14 01:00:41 | 002,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2018/11/14 01:00:41 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2018/11/14 01:00:41 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2018/11/14 01:00:41 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2018/11/14 01:00:39 | 005,551,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2018/11/14 01:00:39 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2018/11/14 01:00:39 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2018/11/14 01:00:38 | 001,211,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2018/11/14 01:00:38 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2018/11/14 01:00:38 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2018/11/14 01:00:38 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2018/11/14 01:00:38 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2018/11/14 01:00:37 | 004,054,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2018/11/14 01:00:37 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2018/11/14 01:00:37 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2018/11/14 01:00:37 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2018/11/14 01:00:36 | 003,960,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2018/11/14 01:00:36 | 001,664,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2018/11/14 01:00:36 | 000,969,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2018/11/14 01:00:35 | 005,779,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2018/11/14 01:00:35 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2018/11/14 01:00:35 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2018/11/14 01:00:34 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2018/11/14 01:00:34 | 000,708,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2018/11/14 01:00:34 | 000,262,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2018/11/14 01:00:34 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2018/11/14 01:00:33 | 000,631,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2018/11/14 01:00:33 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2018/11/14 01:00:32 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2018/11/14 01:00:32 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2018/11/14 01:00:32 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2018/11/14 01:00:32 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshcon.dll
[2018/11/14 01:00:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dispex.dll
[2018/11/14 01:00:31 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2018/11/14 01:00:31 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2018/11/14 01:00:31 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2018/11/14 01:00:30 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2018/11/14 01:00:30 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2018/11/14 01:00:30 | 000,809,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2018/11/14 01:00:30 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2018/11/14 01:00:30 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2018/11/14 01:00:30 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2018/11/14 01:00:30 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshcon.dll
[2018/11/14 01:00:30 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dispex.dll
[2018/11/14 01:00:29 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2018/11/14 01:00:29 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2018/11/14 01:00:29 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2018/11/14 01:00:28 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2018/11/14 01:00:28 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2018/11/14 01:00:28 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2018/11/14 01:00:28 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2018/11/14 01:00:28 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2018/11/14 01:00:28 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys
[2018/11/14 01:00:28 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2018/11/14 01:00:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2018/11/14 01:00:28 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2018/11/14 01:00:28 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2018/11/14 01:00:28 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2018/11/14 01:00:28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2018/11/14 01:00:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2018/11/14 01:00:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2018/11/14 01:00:27 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2018/11/14 01:00:27 | 002,059,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2018/11/14 01:00:27 | 000,794,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2018/11/14 01:00:27 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2018/11/14 01:00:27 | 000,662,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2018/11/14 01:00:27 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2018/11/14 01:00:27 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2018/11/14 01:00:27 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2018/11/14 01:00:27 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2018/11/14 01:00:27 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2018/11/14 01:00:27 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2018/11/14 01:00:27 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2018/11/14 01:00:27 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2018/11/14 01:00:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2018/11/14 01:00:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2018/11/14 01:00:27 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2018/11/14 01:00:27 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2018/11/14 01:00:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2018/11/14 01:00:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2018/11/14 01:00:27 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comcat.dll
[2018/11/14 01:00:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2018/11/14 01:00:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2018/11/14 01:00:26 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2018/11/14 01:00:26 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2018/11/14 01:00:26 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2018/11/14 01:00:26 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2018/11/14 01:00:26 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2018/11/14 01:00:26 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2018/11/14 01:00:26 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2018/11/14 01:00:26 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2018/11/14 01:00:26 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2018/11/14 01:00:26 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2018/11/14 01:00:26 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2018/11/14 01:00:26 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2018/11/14 01:00:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2018/11/14 01:00:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comcat.dll
[2018/11/14 01:00:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2018/11/14 01:00:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2018/11/14 01:00:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2018/11/14 01:00:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2018/11/14 01:00:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2018/11/14 01:00:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2018/11/14 01:00:25 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2018/11/14 01:00:25 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2018/11/14 01:00:25 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2018/11/14 01:00:25 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2018/11/14 01:00:25 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2018/11/14 01:00:25 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2018/11/14 01:00:25 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2018/11/14 01:00:25 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2018/11/14 01:00:25 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2018/11/14 01:00:25 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2018/11/14 01:00:25 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2018/11/14 01:00:25 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2018/11/14 01:00:25 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2018/11/14 01:00:25 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2018/11/14 01:00:25 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2018/11/14 01:00:25 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2018/11/14 01:00:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2018/11/14 01:00:25 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2018/11/14 01:00:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2018/11/14 01:00:25 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2018/11/14 01:00:25 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2018/11/14 01:00:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2018/11/14 01:00:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2018/11/14 01:00:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2018/11/14 01:00:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2018/11/14 01:00:25 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2018/11/14 01:00:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2018/11/14 01:00:25 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2018/11/14 01:00:25 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2018/11/14 01:00:25 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2018/11/14 01:00:25 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleres.dll
[2018/11/14 01:00:25 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleres.dll
[2018/11/14 01:00:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2018/11/14 01:00:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2018/11/14 01:00:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2018/11/14 01:00:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2018/11/14 01:00:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2018/11/14 01:00:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2018/11/14 01:00:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2018/11/14 01:00:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2018/11/08 05:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
[2018/11/07 06:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frontier Secure
[2018/11/06 08:06:54 | 000,051,024 | ---- | C] (Dropbox, Inc.) -- C:\Windows\SysNative\DbxSvc.exe
[2018/11/06 08:06:54 | 000,047,768 | ---- | C] (Dropbox, Inc.) -- C:\Windows\SysNative\drivers\dbx-dev.sys
[2018/11/06 08:06:54 | 000,047,768 | ---- | C] (Dropbox, Inc.) -- C:\Windows\SysNative\drivers\dbx-canary.sys
[2018/11/06 08:06:54 | 000,045,640 | ---- | C] (Dropbox, Inc.) -- C:\Windows\SysNative\drivers\dbx-stable.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2018/11/26 08:25:23 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018/11/26 08:25:23 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018/11/26 07:44:45 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskMachineUA.job
[2018/11/26 07:33:30 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskMachineCore.job
[2018/11/26 07:33:09 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDave.job
[2018/11/26 07:33:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018/11/26 07:32:51 | 3193,839,616 | -HS- | M] () -- C:\hiberfil.sys
[2018/11/21 06:02:27 | 000,842,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2018/11/21 06:02:27 | 000,175,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2018/11/19 12:54:30 | 000,002,145 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018/11/14 07:17:43 | 000,783,464 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018/11/14 07:17:43 | 000,662,852 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2018/11/14 07:17:43 | 000,122,462 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2018/11/14 07:08:31 | 000,283,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2018/11/14 06:33:05 | 000,775,586 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2018/11/10 20:29:02 | 005,551,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2018/11/10 20:28:59 | 000,708,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2018/11/10 20:28:49 | 000,262,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2018/11/10 20:27:51 | 000,631,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2018/11/10 20:27:47 | 001,664,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2018/11/10 20:26:16 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2018/11/10 20:26:16 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2018/11/10 20:26:16 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2018/11/10 20:26:14 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2018/11/10 20:26:07 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2018/11/10 20:26:07 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2018/11/10 20:26:06 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2018/11/10 20:26:06 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2018/11/10 20:26:00 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2018/11/10 20:25:59 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2018/11/10 20:25:57 | 001,211,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2018/11/10 20:25:57 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2018/11/10 20:25:52 | 002,072,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2018/11/10 20:25:52 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleres.dll
[2018/11/10 20:25:51 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2018/11/10 20:25:48 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2018/11/10 20:25:44 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2018/11/10 20:25:42 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2018/11/10 20:25:36 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2018/11/10 20:25:34 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2018/11/10 20:25:34 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2018/11/10 20:24:58 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2018/11/10 20:24:57 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2018/11/10 20:24:56 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\comcat.dll
[2018/11/10 20:24:39 | 000,463,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2018/11/10 20:24:32 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2018/11/10 20:24:28 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2018/11/10 20:24:28 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2018/11/10 20:24:28 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2018/11/10 20:24:28 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2018/11/10 20:24:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2018/11/10 20:24:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2018/11/10 20:24:27 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2018/11/10 20:24:27 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2018/11/10 20:24:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2018/11/10 20:24:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2018/11/10 20:24:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2018/11/10 20:24:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2018/11/10 20:24:26 | 000,880,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2018/11/10 20:24:26 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2018/11/10 20:14:50 | 004,054,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2018/11/10 20:14:15 | 003,960,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2018/11/10 20:11:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2018/11/10 20:10:57 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2018/11/10 20:10:52 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\oleres.dll
[2018/11/10 20:10:44 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2018/11/10 20:10:42 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2018/11/10 20:09:59 | 000,342,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2018/11/10 20:09:52 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2018/11/10 20:09:52 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2018/11/10 20:09:51 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2018/11/10 20:09:51 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2018/11/10 20:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2018/11/10 20:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2018/11/10 20:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2018/11/10 20:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2018/11/10 20:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2018/11/10 20:09:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2018/11/10 20:09:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2018/11/10 20:09:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2018/11/10 20:09:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2018/11/10 20:09:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2018/11/10 19:53:09 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2018/11/10 19:53:05 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2018/11/10 19:52:19 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2018/11/10 19:48:53 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2018/11/10 19:48:19 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys
[2018/11/10 19:47:54 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2018/11/10 19:47:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\comcat.dll
[2018/11/10 19:45:37 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2018/11/10 19:43:14 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2018/11/10 19:41:14 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2018/11/10 19:41:12 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2018/11/10 19:41:12 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2018/11/10 19:41:11 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2018/11/10 19:40:01 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2018/11/10 19:40:01 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2018/11/10 19:40:01 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2018/11/10 19:40:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2018/11/07 06:05:56 | 000,001,923 | ---- | M] () -- C:\Users\Public\Desktop\Computer Security.lnk
[2018/11/06 08:06:54 | 000,051,024 | ---- | M] (Dropbox, Inc.) -- C:\Windows\SysNative\DbxSvc.exe
[2018/11/06 08:06:54 | 000,047,768 | ---- | M] (Dropbox, Inc.) -- C:\Windows\SysNative\drivers\dbx-dev.sys
[2018/11/06 08:06:54 | 000,047,768 | ---- | M] (Dropbox, Inc.) -- C:\Windows\SysNative\drivers\dbx-canary.sys
[2018/11/06 08:06:54 | 000,045,640 | ---- | M] (Dropbox, Inc.) -- C:\Windows\SysNative\drivers\dbx-stable.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2017/08/10 05:02:43 | 000,518,144 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/09/01 09:41:14 | 000,000,258 | RHS- | C] () -- C:\Users\Dave\ntuser.pol
[2013/06/28 09:39:15 | 000,007,606 | ---- | C] () -- C:\Users\Dave\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2018/08/13 10:54:39 | 014,183,936 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2018/08/13 10:40:58 | 012,880,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/09/01 11:31:51 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\24x7 Help
[2011/05/12 19:29:54 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\Absolute Poker
[2013/10/16 16:41:28 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\betonline
[2015/06/04 09:53:41 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\Bitcoin
[2012/04/06 22:32:47 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\Blio
[2017/12/03 09:45:33 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\bovada-lv-poker
[2013/03/16 07:08:22 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\DriverCure
[2015/06/10 10:42:58 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\Dropbox
[2015/11/24 11:45:03 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\F-Secure
[2014/12/30 08:00:45 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\fullflush
[2013/07/02 10:22:14 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\HoolappForAndroid
[2011/05/12 14:25:50 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\PictureMover
[2018/10/19 20:31:38 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\poker-client-electron-common
[2015/05/30 09:40:34 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\SoftGrid Client
[2012/10/06 16:51:23 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\TP
[2013/03/16 07:08:22 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\Turbo My Speed
[2014/09/04 14:51:05 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\UpdaterEX
[2011/11/11 10:33:57 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\WinBatch
[2018/02/10 08:09:39 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\Windows Live Writer
[2012/10/15 07:19:36 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\{90140011-0066-0409-0000-0000000FF1CE}

========== Purity Check ==========



< End of report >
BranchDavidian
Regular Member
 
Posts: 15
Joined: November 26th, 2018, 8:15 am

Re: coinbase account hacked

Unread postby pgmigg » November 26th, 2018, 3:18 pm

Unfortunately, as you have replayed to your own topic, the topic must be closed as it would likely go unnoticed by helpers who are looking for topics that have only a single post.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why you should not reply to your topic before a helper replies.

Please start a new topic with just a single post, and this time attach your logs, then wait for a helper to reply. Thank you for your understanding.

BranchDavidian wrote:I was unable to use FRST.
Could you please explain in details in your new topic what was wrong with FRST at your previous first attempt?

This topic is now closed.
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 4238
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 76 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware