OTL logfile created on: 11/26/2018 8:29:44 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dave\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.19180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 41.20% Memory free
7.93 Gb Paging File | 5.18 Gb Available in Paging File | 65.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.67 Gb Total Space | 846.40 Gb Free Space | 92.13% Space Free | Partition Type: NTFS
Drive D: | 12.75 Gb Total Space | 1.56 Gb Free Space | 12.28% Space Free | Partition Type: NTFS
Computer Name: DAVE-HP | User Name: Dave | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2018/11/26 08:27:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dave\Downloads\OTL.exe
PRC - [2018/11/06 08:09:00 | 000,027,464 | ---- | M] (The Qt Company Ltd) -- C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
PRC - [2018/11/06 08:07:54 | 003,785,536 | ---- | M] (Dropbox, Inc.) -- C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
PRC - [2018/10/05 16:08:26 | 000,213,448 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Frontier\fshoster32.exe
PRC - [2018/01/23 14:02:34 | 001,032,624 | ---- | M] (McAfee Inc.) -- C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
PRC - [2017/11/08 11:03:20 | 001,793,088 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2014/10/08 17:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2014/10/08 17:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/09/11 04:02:22 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
========== Modules (No Company Name) ========== MOD - [2018/11/14 09:00:39 | 019,974,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\72f6f14dea7755ecc0a699a13ac2d2ac\System.ServiceModel.ni.dll
MOD - [2018/11/14 09:00:24 | 000,530,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\5d3a65f361e9d65944252036b6b3e34b\System.Net.Http.ni.dll
MOD - [2018/11/14 09:00:09 | 000,396,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\fb4ec630bb495b05a94e130a82cb39f6\System.Xml.Linq.ni.dll
MOD - [2018/11/14 08:59:39 | 000,524,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\dfbffab769acac73d5865a68a97b5c11\UIAutomationTypes.ni.dll
MOD - [2018/11/14 08:59:36 | 000,017,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\1ac35f9fca61015c61f8deab39bbc967\PresentationFramework-SystemXml.ni.dll
MOD - [2018/11/14 08:59:33 | 000,022,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a6349c#\b1c039ddc8d05089af62cd3ffe589cc1\PresentationFramework-SystemCore.ni.dll
MOD - [2018/11/14 06:36:34 | 002,850,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\728ca64696aa577d65b4ee0dfb13d67b\System.Runtime.Serialization.ni.dll
MOD - [2018/11/14 06:36:25 | 013,971,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\47df519154ec329f37b6d1ce1ef38614\System.Web.ni.dll
MOD - [2018/11/14 06:36:18 | 007,589,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\8de2fd7c4d86442b01354b229c65fb05\System.Xml.ni.dll
MOD - [2018/11/14 06:36:12 | 019,945,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\d88693df9518fbec7e8818e06182d8bb\PresentationFramework.ni.dll
MOD - [2018/11/14 06:36:11 | 000,811,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\14d9026fd5f2f91da76bb2391285ac92\System.Runtime.Remoting.ni.dll
MOD - [2018/11/14 06:36:05 | 013,740,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\111666b196e039bc59758dc6f30a7107\System.Windows.Forms.ni.dll
MOD - [2018/11/14 06:35:57 | 001,646,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\65a4729541f4a974fc5efe9cc3ac33c7\System.Drawing.ni.dll
MOD - [2018/11/14 06:35:56 | 012,231,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8eb135b8a1cb3d997279ce56b3d0fbb1\PresentationCore.ni.dll
MOD - [2018/11/14 06:35:56 | 002,035,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\2c6450a047d66385bfc61452fd3a9105\System.Xaml.ni.dll
MOD - [2018/11/14 06:35:50 | 001,020,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\35f8b5cc8f49e6c2c9d5497c225474ff\System.Configuration.ni.dll
MOD - [2018/11/14 06:35:48 | 008,268,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\19eccc441e56bfbe235c8d7ad26050ff\System.Data.ni.dll
MOD - [2018/11/14 06:35:47 | 004,126,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\f03523a47efac64c80036b5114d47d2e\WindowsBase.ni.dll
MOD - [2018/11/14 06:35:40 | 008,246,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\617b0fe3f9f60925590d44aec6d917de\System.Core.ni.dll
MOD - [2018/11/14 06:35:36 | 000,304,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatiod51afaa5#\0405261f5845372fc040e23e55b44c91\PresentationFramework.classic.ni.dll
MOD - [2018/11/14 06:35:30 | 010,542,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\5b8db91804b447cbd196a4f28ded55a7\System.ni.dll
MOD - [2018/11/14 06:35:20 | 020,514,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\31202f32d626603baaac9a296830c313\mscorlib.ni.dll
MOD - [2018/11/06 08:09:18 | 000,029,040 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
MOD - [2018/11/06 08:09:16 | 000,061,792 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
MOD - [2018/11/06 08:09:16 | 000,051,552 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
MOD - [2018/11/06 08:09:16 | 000,028,520 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
MOD - [2018/11/06 08:09:14 | 000,033,632 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
MOD - [2018/11/06 08:09:14 | 000,029,544 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
MOD - [2018/11/06 08:09:14 | 000,025,960 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
MOD - [2018/11/06 08:09:12 | 000,028,520 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
MOD - [2018/11/06 08:09:12 | 000,028,008 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
MOD - [2018/11/06 08:09:12 | 000,025,448 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
MOD - [2018/11/06 08:09:10 | 000,034,664 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
MOD - [2018/11/06 08:09:10 | 000,025,960 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
MOD - [2018/11/06 08:09:08 | 000,025,960 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
MOD - [2018/11/06 08:09:08 | 000,025,448 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd
MOD - [2018/11/06 08:09:06 | 000,068,968 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
MOD - [2018/11/06 08:09:06 | 000,035,680 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
MOD - [2018/11/06 08:09:04 | 000,401,752 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
MOD - [2018/11/06 08:09:02 | 000,092,488 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
MOD - [2018/11/06 08:09:02 | 000,023,376 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
MOD - [2018/11/06 08:08:30 | 003,821,392 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
MOD - [2018/11/06 08:08:30 | 000,102,736 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
MOD - [2018/11/06 08:08:28 | 000,218,456 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
MOD - [2018/11/06 08:08:28 | 000,132,944 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
MOD - [2018/11/06 08:08:26 | 000,156,504 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
MOD - [2018/11/06 08:08:26 | 000,052,056 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
MOD - [2018/11/06 08:08:26 | 000,044,888 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
MOD - [2018/11/06 08:08:26 | 000,037,200 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
MOD - [2018/11/06 08:08:24 | 000,530,768 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
MOD - [2018/11/06 08:08:24 | 000,348,496 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
MOD - [2018/11/06 08:08:24 | 000,205,656 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
MOD - [2018/11/06 08:08:22 | 001,929,552 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
MOD - [2018/11/06 08:08:22 | 000,518,992 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
MOD - [2018/11/06 08:08:20 | 001,778,000 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
MOD - [2018/11/06 08:08:18 | 011,144,016 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd
MOD - [2018/11/06 08:08:18 | 000,074,072 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
MOD - [2018/11/06 08:08:16 | 001,592,128 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
MOD - [2018/11/06 08:08:16 | 000,029,024 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
MOD - [2018/11/06 08:08:14 | 000,083,784 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
MOD - [2018/11/06 08:08:14 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\libEGL.dll
MOD - [2018/11/06 08:08:12 | 000,433,992 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.dll
MOD - [2018/11/06 08:08:08 | 001,953,640 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
MOD - [2018/11/06 08:08:08 | 000,031,600 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
MOD - [2018/11/06 08:08:08 | 000,025,960 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
MOD - [2018/11/06 08:08:06 | 000,027,488 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
MOD - [2018/11/06 08:08:06 | 000,025,944 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
MOD - [2018/11/06 08:08:06 | 000,025,456 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
MOD - [2018/11/06 08:06:54 | 002,103,112 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
MOD - [2018/11/06 08:06:54 | 001,141,064 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
MOD - [2018/11/06 08:06:54 | 000,418,776 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
MOD - [2018/11/06 08:06:54 | 000,118,232 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
MOD - [2018/11/06 08:06:54 | 000,036,312 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\librsync.dll
MOD - [2018/11/06 08:06:42 | 000,486,880 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,182,752 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,142,312 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,131,552 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,119,272 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,109,024 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,065,504 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,061,408 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,053,736 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,049,128 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,032,224 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,028,640 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,027,624 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,027,616 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,027,616 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,026,600 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
MOD - [2018/11/06 08:06:42 | 000,023,520 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
========== Services (SafeList) ========== SRV:
64bit: - [2018/11/06 08:06:54 | 000,051,024 | ---- | M] (Dropbox, Inc.) [Auto | Running] -- C:\Windows\SysNative\DbxSvc.exe -- (DbxSvc)
SRV:
64bit: - [2018/10/11 21:00:18 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:
64bit: - [2018/09/27 03:44:16 | 000,405,392 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.11.812\McCHSvc.exe -- (McComponentHostService)
SRV:
64bit: - [2018/08/13 16:49:28 | 001,391,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:
64bit: - [2017/11/21 22:42:19 | 000,332,216 | ---- | M] (HP Inc.) [Auto | Running] -- C:\Program Files\hp\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe -- (HPTouchpointAnalyticsService)
SRV:
64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2010/08/05 22:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV - [2018/11/23 03:37:57 | 000,216,528 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2018/11/21 06:02:27 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2018/11/19 12:31:51 | 000,100,808 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\ulcore\1542633654\fsorsp64.exe -- (fsulorsp)
SRV - [2018/11/19 12:31:19 | 000,580,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\ulcore\1542633654\fsulprothoster.exe -- (fsulprothoster)
SRV - [2018/11/19 12:31:19 | 000,580,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\ulcore\1542633654\fshoster64.exe -- (fsulnethoster)
SRV - [2018/11/19 12:31:19 | 000,580,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\ulcore\1542633654\fshoster64.exe -- (fsulhoster)
SRV - [2018/10/05 16:08:26 | 000,213,448 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\fshoster32.exe -- (fsnethoster)
SRV - [2018/10/05 16:08:26 | 000,213,448 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Frontier\fshoster32.exe -- (fshoster)
SRV - [2018/06/13 07:00:58 | 000,333,688 | ---- | M] (HP Inc.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2018/03/26 15:24:54 | 000,107,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2018/01/23 14:02:16 | 000,320,944 | ---- | M] (AnchorFree Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe -- (McAfee Vpn Service)
SRV - [2017/11/08 11:03:20 | 001,793,088 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2016/11/04 17:30:35 | 000,143,144 | ---- | M] (Dropbox, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdatem)
SRV - [2016/11/04 17:30:35 | 000,143,144 | ---- | M] (Dropbox, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdate)
SRV - [2014/10/08 17:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2014/10/08 17:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2014/03/20 17:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2010/09/11 04:02:22 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/06/18 20:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2018/08/07 05:50:30 | 000,065,872 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)
DRV:
64bit: - [2018/01/23 14:02:16 | 000,048,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aftap0901.sys -- (aftap0901)
DRV:
64bit: - [2017/10/10 20:42:04 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:
64bit: - [2016/08/08 20:52:01 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:
64bit: - [2014/10/08 17:18:54 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:
64bit: - [2014/10/08 17:18:54 | 000,029,352 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:
64bit: - [2014/10/08 17:18:54 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:
64bit: - [2014/10/08 17:18:50 | 000,766,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:
64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/09/03 01:59:26 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2010/04/20 23:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2010/02/26 04:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:
64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2018/11/22 06:19:37 | 000,109,616 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\nif\1542882815\fsni64.sys -- (fsni)
DRV - [2018/11/19 12:31:25 | 000,251,560 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\ulcore\1542633654\fsulgk.sys -- (F-Secure Gatekeeper)
DRV - [2018/11/19 12:31:08 | 000,102,048 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Frontier\apps\Ultralight\ulcore\1542633654\fshs.sys -- (F-Secure UL HIPS)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:
64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" =
http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE:
64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" =
http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE:
64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" =
http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:
64bit: - HKLM\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" =
http://rover.ebay.com/rover/1/711-11109 ... 4?satitle={searchTerms}&mfe=Desktops
IE:
64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:
64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE:
64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" =
http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" =
http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" =
http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" =
http://rover.ebay.com/rover/1/711-11109 ... 4?satitle={searchTerms}&mfe=Desktops
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/?pc=UE07&ocid=UE07DHPIE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 42 9B 46 B7 80 B7 D1 01 [binary data]
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = F7 D8 F5 BC 7B B7 D1 01 [binary data]
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.cohort: "nov17-2"
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.region: "US"
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Dave\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ols@f-secure.com: C:\PROGRAM FILES (X86)\FRONTIER\APPS\ULTRALIGHT\NIF\1542882815\BROWSER\INSTALL\FS_FIREFOX_HTTPS\FS_FIREFOX_HTTPS.XPI [2018/11/22 06:19:36 | 000,024,300 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 63.0.3\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 63.0.3\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ols@f-secure.com: C:\Program Files (x86)\Frontier\apps\Ultralight\nif\1542882815\browser\install\fs_firefox_https\fs_firefox_https.xpi [2018/11/22 06:19:36 | 000,024,300 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 63.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 63.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011/05/12 15:10:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Extensions
[2017/11/17 00:21:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\SystemExtensionsDev
[2018/09/18 07:20:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5folwg29.default-1520381846524\browser-extension-data
[2018/09/18 07:20:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5folwg29.default-1520381846524\browser-extension-data\fxmonitor@mozilla.org
[2018/06/28 06:30:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5folwg29.default-1520381846524\browser-extension-data\screenshots@mozilla.org
[2018/09/13 05:59:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5folwg29.default-1520381846524\extensions
[2018/02/10 08:40:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\browser-extension-data
[2018/02/10 08:40:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\browser-extension-data\@Package
[2018/03/06 19:15:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\browser-extension-data\_1cMembers_@www.bringmesports.com
[2018/03/06 19:15:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\browser-extension-data\_fwMembers_@free.howtosuite.com
[2018/03/06 19:17:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\browser-extension-data\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2018/02/09 10:50:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\browser-extension-data\screenshots@mozilla.org
[2018/02/10 08:40:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\extensions
[2018/11/23 07:13:20 | 000,049,869 | ---- | M] () (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5folwg29.default-1520381846524\features\{3ec76d73-4062-43a3-b9b0-bf04372f3647}\fxmonitor@mozilla.org.xpi
[2018/02/10 08:40:33 | 000,015,319 | ---- | M] () (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\extensions\@Package.xpi
[2017/11/10 22:54:36 | 000,054,364 | ---- | M] () (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\extensions\_1cMembers_@www.bringmesports.com.xpi
[2017/11/10 22:54:42 | 000,047,299 | ---- | M] () (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\extensions\_fwMembers_@free.howtosuite.com.xpi
[2017/12/12 08:28:16 | 001,044,671 | ---- | M] () (No name found) -- C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\tp4ie5ec.default-1453638117559\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/11/18 05:16:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2016/11/18 05:16:14 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
========== Chrome ========== CHR - Extension: No name found = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\3.4.1_0\
CHR - Extension: No name found = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb\2.6.0_0\
CHR - Extension: No name found = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.34.0_0\
CHR - Extension: No name found = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\
CHR - Extension: No name found = C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7018.903.0.0_0\
O1 HOSTS File: ([2018/09/27 11:11:52 | 000,000,409 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2:
64bit: - BHO: (Browsing Protection by F-Secure) - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\Frontier\apps\Ultralight\nif\1542882815\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation)
O2:
64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (HP Inc.)
O2:
64bit: - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Eyeo GmbH)
O2 - BHO: (Browsing Protection by F-Secure) - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\Frontier\apps\Ultralight\nif\1542882815\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (HP Inc.)
O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Eyeo GmbH)
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dropbox] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000..\Run: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe (McAfee Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3163805340-3622416273-1517007468-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:
64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O9:
64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A2454C5-C2E9-4D1B-92B8-9D69E2103883}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBF78C88-3FBB-4286-9B47-330DB71E5269}: DhcpNameServer = 8.8.8.8 8.8.4.4
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2018/11/14 06:30:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2018/11/14 01:00:41 | 002,319,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2018/11/14 01:00:41 | 002,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2018/11/14 01:00:41 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2018/11/14 01:00:41 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2018/11/14 01:00:41 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2018/11/14 01:00:39 | 005,551,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2018/11/14 01:00:39 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2018/11/14 01:00:39 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2018/11/14 01:00:38 | 001,211,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2018/11/14 01:00:38 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2018/11/14 01:00:38 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2018/11/14 01:00:38 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2018/11/14 01:00:38 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2018/11/14 01:00:37 | 004,054,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2018/11/14 01:00:37 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2018/11/14 01:00:37 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2018/11/14 01:00:37 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2018/11/14 01:00:36 | 003,960,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2018/11/14 01:00:36 | 001,664,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2018/11/14 01:00:36 | 000,969,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2018/11/14 01:00:35 | 005,779,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2018/11/14 01:00:35 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2018/11/14 01:00:35 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2018/11/14 01:00:34 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2018/11/14 01:00:34 | 000,708,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2018/11/14 01:00:34 | 000,262,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2018/11/14 01:00:34 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2018/11/14 01:00:33 | 000,631,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2018/11/14 01:00:33 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2018/11/14 01:00:32 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2018/11/14 01:00:32 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2018/11/14 01:00:32 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2018/11/14 01:00:32 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshcon.dll
[2018/11/14 01:00:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dispex.dll
[2018/11/14 01:00:31 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2018/11/14 01:00:31 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2018/11/14 01:00:31 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2018/11/14 01:00:30 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2018/11/14 01:00:30 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2018/11/14 01:00:30 | 000,809,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2018/11/14 01:00:30 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2018/11/14 01:00:30 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2018/11/14 01:00:30 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2018/11/14 01:00:30 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshcon.dll
[2018/11/14 01:00:30 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dispex.dll
[2018/11/14 01:00:29 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2018/11/14 01:00:29 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2018/11/14 01:00:29 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2018/11/14 01:00:28 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2018/11/14 01:00:28 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2018/11/14 01:00:28 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2018/11/14 01:00:28 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2018/11/14 01:00:28 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2018/11/14 01:00:28 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys
[2018/11/14 01:00:28 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2018/11/14 01:00:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2018/11/14 01:00:28 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2018/11/14 01:00:28 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2018/11/14 01:00:28 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2018/11/14 01:00:28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2018/11/14 01:00:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2018/11/14 01:00:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2018/11/14 01:00:27 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2018/11/14 01:00:27 | 002,059,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2018/11/14 01:00:27 | 000,794,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2018/11/14 01:00:27 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2018/11/14 01:00:27 | 000,662,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2018/11/14 01:00:27 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2018/11/14 01:00:27 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2018/11/14 01:00:27 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2018/11/14 01:00:27 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2018/11/14 01:00:27 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2018/11/14 01:00:27 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2018/11/14 01:00:27 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2018/11/14 01:00:27 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2018/11/14 01:00:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2018/11/14 01:00:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2018/11/14 01:00:27 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2018/11/14 01:00:27 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2018/11/14 01:00:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2018/11/14 01:00:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2018/11/14 01:00:27 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comcat.dll
[2018/11/14 01:00:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2018/11/14 01:00:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2018/11/14 01:00:26 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2018/11/14 01:00:26 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2018/11/14 01:00:26 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2018/11/14 01:00:26 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2018/11/14 01:00:26 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2018/11/14 01:00:26 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2018/11/14 01:00:26 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2018/11/14 01:00:26 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2018/11/14 01:00:26 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2018/11/14 01:00:26 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2018/11/14 01:00:26 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2018/11/14 01:00:26 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2018/11/14 01:00:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2018/11/14 01:00:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comcat.dll
[2018/11/14 01:00:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2018/11/14 01:00:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2018/11/14 01:00:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2018/11/14 01:00:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2018/11/14 01:00:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2018/11/14 01:00:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2018/11/14 01:00:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2018/11/14 01:00:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2018/11/14 01:00:25 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2018/11/14 01:00:25 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2018/11/14 01:00:25 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2018/11/14 01:00:25 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2018/11/14 01:00:25 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2018/11/14 01:00:25 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2018/11/14 01:00:25 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2018/11/14 01:00:25 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2018/11/14 01:00:25 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2018/11/14 01:00:25 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2018/11/14 01:00:25 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2018/11/14 01:00:25 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2018/11/14 01:00:25 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2018/11/14 01:00:25 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2018/11/14 01:00:25 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2018/11/14 01:00:25 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2018/11/14 01:00:25 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2018/11/14 01:00:25 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2018/11/14 01:00:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2018/11/14 01:00:25 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2018/11/14 01:00:25 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2018/11/14 01:00:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2018/11/14 01:00:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2018/11/14 01:00:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2018/11/14 01:00:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2018/11/14 01:00:25 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2018/11/14 01:00:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2018/11/14 01:00:25 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2018/11/14 01:00:25 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2018/11/14 01:00:25 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2018/11/14 01:00:25 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleres.dll
[2018/11/14 01:00:25 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleres.dll
[2018/11/14 01:00:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2018/11/14 01:00:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2018/11/14 01:00:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2018/11/14 01:00:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2018/11/14 01:00:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2018/11/14 01:00:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2018/11/14 01:00:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2018/11/14 01:00:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2018/11/08 05:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
[2018/11/07 06:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frontier Secure
[2018/11/06 08:06:54 | 000,051,024 | ---- | C] (Dropbox, Inc.) -- C:\Windows\SysNative\DbxSvc.exe
[2018/11/06 08:06:54 | 000,047,768 | ---- | C] (Dropbox, Inc.) -- C:\Windows\SysNative\drivers\dbx-dev.sys
[2018/11/06 08:06:54 | 000,047,768 | ---- | C] (Dropbox, Inc.) -- C:\Windows\SysNative\drivers\dbx-canary.sys
[2018/11/06 08:06:54 | 000,045,640 | ---- | C] (Dropbox, Inc.) -- C:\Windows\SysNative\drivers\dbx-stable.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2018/11/26 08:25:23 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018/11/26 08:25:23 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018/11/26 07:44:45 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskMachineUA.job
[2018/11/26 07:33:30 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskMachineCore.job
[2018/11/26 07:33:09 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDave.job
[2018/11/26 07:33:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018/11/26 07:32:51 | 3193,839,616 | -HS- | M] () -- C:\hiberfil.sys
[2018/11/21 06:02:27 | 000,842,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2018/11/21 06:02:27 | 000,175,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2018/11/19 12:54:30 | 000,002,145 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018/11/14 07:17:43 | 000,783,464 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018/11/14 07:17:43 | 000,662,852 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2018/11/14 07:17:43 | 000,122,462 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2018/11/14 07:08:31 | 000,283,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2018/11/14 06:33:05 | 000,775,586 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2018/11/10 20:29:02 | 005,551,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2018/11/10 20:28:59 | 000,708,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2018/11/10 20:28:49 | 000,262,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2018/11/10 20:27:51 | 000,631,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2018/11/10 20:27:47 | 001,664,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2018/11/10 20:26:16 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2018/11/10 20:26:16 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2018/11/10 20:26:16 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2018/11/10 20:26:14 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2018/11/10 20:26:07 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2018/11/10 20:26:07 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2018/11/10 20:26:06 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2018/11/10 20:26:06 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2018/11/10 20:26:00 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2018/11/10 20:25:59 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2018/11/10 20:25:57 | 001,211,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2018/11/10 20:25:57 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2018/11/10 20:25:52 | 002,072,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2018/11/10 20:25:52 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleres.dll
[2018/11/10 20:25:51 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2018/11/10 20:25:48 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2018/11/10 20:25:44 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2018/11/10 20:25:42 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2018/11/10 20:25:36 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2018/11/10 20:25:34 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2018/11/10 20:25:34 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2018/11/10 20:24:58 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2018/11/10 20:24:57 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2018/11/10 20:24:56 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\comcat.dll
[2018/11/10 20:24:39 | 000,463,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2018/11/10 20:24:32 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2018/11/10 20:24:28 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2018/11/10 20:24:28 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2018/11/10 20:24:28 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2018/11/10 20:24:28 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2018/11/10 20:24:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2018/11/10 20:24:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2018/11/10 20:24:27 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2018/11/10 20:24:27 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2018/11/10 20:24:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2018/11/10 20:24:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2018/11/10 20:24:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2018/11/10 20:24:27 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2018/11/10 20:24:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2018/11/10 20:24:26 | 000,880,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2018/11/10 20:24:26 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2018/11/10 20:14:50 | 004,054,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2018/11/10 20:14:15 | 003,960,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2018/11/10 20:11:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2018/11/10 20:10:57 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2018/11/10 20:10:52 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\oleres.dll
[2018/11/10 20:10:44 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2018/11/10 20:10:42 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2018/11/10 20:09:59 | 000,342,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2018/11/10 20:09:52 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2018/11/10 20:09:52 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2018/11/10 20:09:51 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2018/11/10 20:09:51 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2018/11/10 20:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2018/11/10 20:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2018/11/10 20:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2018/11/10 20:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2018/11/10 20:09:51 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2018/11/10 20:09:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2018/11/10 20:09:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2018/11/10 20:09:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2018/11/10 20:09:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2018/11/10 20:09:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2018/11/10 20:09:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2018/11/10 19:53:09 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2018/11/10 19:53:05 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2018/11/10 19:52:19 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2018/11/10 19:48:53 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2018/11/10 19:48:19 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys
[2018/11/10 19:47:54 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2018/11/10 19:47:49 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\comcat.dll
[2018/11/10 19:45:37 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2018/11/10 19:43:14 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2018/11/10 19:41:14 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2018/11/10 19:41:12 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2018/11/10 19:41:12 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2018/11/10 19:41:11 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2018/11/10 19:40:01 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2018/11/10 19:40:01 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2018/11/10 19:40:01 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2018/11/10 19:40:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2018/11/07 06:05:56 | 000,001,923 | ---- | M] () -- C:\Users\Public\Desktop\Computer Security.lnk
[2018/11/06 08:06:54 | 000,051,024 | ---- | M] (Dropbox, Inc.) -- C:\Windows\SysNative\DbxSvc.exe
[2018/11/06 08:06:54 | 000,047,768 | ---- | M] (Dropbox, Inc.) -- C:\Windows\SysNative\drivers\dbx-dev.sys
[2018/11/06 08:06:54 | 000,047,768 | ---- | M] (Dropbox, Inc.) -- C:\Windows\SysNative\drivers\dbx-canary.sys
[2018/11/06 08:06:54 | 000,045,640 | ---- | M] (Dropbox, Inc.) -- C:\Windows\SysNative\drivers\dbx-stable.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ========== [2017/08/10 05:02:43 | 000,518,144 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/09/01 09:41:14 | 000,000,258 | RHS- | C] () -- C:\Users\Dave\ntuser.pol
[2013/06/28 09:39:15 | 000,007,606 | ---- | C] () -- C:\Users\Dave\AppData\Local\Resmon.ResmonCfg
========== ZeroAccess Check ========== [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2018/08/13 10:54:39 | 014,183,936 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2018/08/13 10:40:58 | 012,880,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ========== [2013/09/01 11:31:51 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\24x7 Help
[2011/05/12 19:29:54 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\Absolute Poker
[2013/10/16 16:41:28 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\betonline
[2015/06/04 09:53:41 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\Bitcoin
[2012/04/06 22:32:47 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\Blio
[2017/12/03 09:45:33 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\bovada-lv-poker
[2013/03/16 07:08:22 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\DriverCure
[2015/06/10 10:42:58 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\Dropbox
[2015/11/24 11:45:03 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\F-Secure
[2014/12/30 08:00:45 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\fullflush
[2013/07/02 10:22:14 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\HoolappForAndroid
[2011/05/12 14:25:50 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\PictureMover
[2018/10/19 20:31:38 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\poker-client-electron-common
[2015/05/30 09:40:34 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\SoftGrid Client
[2012/10/06 16:51:23 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\TP
[2013/03/16 07:08:22 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\Turbo My Speed
[2014/09/04 14:51:05 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\UpdaterEX
[2011/11/11 10:33:57 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\WinBatch
[2018/02/10 08:09:39 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\Windows Live Writer
[2012/10/15 07:19:36 | 000,000,000 | ---D | M] -- C:\Users\Dave\AppData\Roaming\{90140011-0066-0409-0000-0000000FF1CE}
========== Purity Check ========== < End of report >