HitmanPro.Alert BETA

Discussion in 'other anti-malware software' started by erikloman, May 30, 2017.

  1. HempOil

    HempOil Registered Member

    Joined:
    Jun 15, 2015
    Posts:
    176
    Location:
    Canada
    Initiated a "scan for update" and was prompted to reboot. I have been running Build 857 beta for 7 days now and it has been running flawlessly.
     
  2. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    194
    There was a false alarm when I tried to access play.google.com with my gmail account in Firefox. HitmanPro.Alet Version 3.8.0 build 857, BETA Windows 10 Pro 64bit Version1909 build 18363.535, Firefox 71.0 (64 bites)

    2019-12-23_053516.jpg

    Loaded Modules (141)
    -----------------------------------------------------------------------------
    00007FF747500000-00007FF747591000 firefox.exe (Mozilla Corporation),
    version: 71.0
    00007FFCEC920000-00007FFCECB10000 ntdll.dll (Microsoft Corporation),
    version: 10.0.18362.418 (WinBuild.160101.0800)
    00007FFCEC3E0000-00007FFCEC492000 KERNEL32.dll (Microsoft Corporation),
    version: 10.0.18362.329 (WinBuild.160101.0800)
    00007FFCE94D0000-00007FFCE95E7000 hmpalert.dll (SurfRight B.V.),
    version: 3.8.0.857
    00007FFCE99C0000-00007FFCE9C63000 KERNELBASE.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFCEC800000-00007FFCEC8A3000 ADVAPI32.dll (Microsoft Corporation),
    version: 10.0.18362.329 (WinBuild.160101.0800)
    00007FFCEBFC0000-00007FFCEC05E000 msvcrt.dll (Microsoft Corporation),
    version: 7.0.18362.1 (WinBuild.160101.0800)
    00007FFCEB050000-00007FFCEB0E7000 sechost.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFCEBE30000-00007FFCEBF50000 RPCRT4.dll (Microsoft Corporation),
    version: 10.0.18362.476 (WinBuild.160101.0800)
    00007FFCE9E30000-00007FFCE9F2A000 ucrtbase.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCDD2C0000-00007FFCDD340000 mozglue.dll (Mozilla Foundation),
    version: 71.0
    00007FFCEA6E0000-00007FFCEA829000 CRYPT32.dll (Microsoft Corporation),
    version: 10.0.18362.476 (WinBuild.160101.0800)
    00007FFCE9890000-00007FFCE98A2000 MSASN1.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE9DD0000-00007FFCE9E2C000 WINTRUST.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCCA500000-00007FFCCA59B000 MSVCP140.dll (Microsoft Corporation),
    version: 14.15.26706.0 built by: VCTOOLSREL
    00007FFCE6130000-00007FFCE6146000 VCRUNTIME140.dll (Microsoft Corporation),
    version: 14.15.26706.0 built by: VCTOOLSREL
    00007FFCE2030000-00007FFCE203A000 VERSION.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCDEB10000-00007FFCDED04000 dbghelp.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE9110000-00007FFCE911C000 CRYPTBASE.DLL (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE9D50000-00007FFCE9DD0000 bcryptPrimitives.dll (Microsoft Corporation),
    version: 10.0.18362.295 (WinBuild.160101.0800)
    00007FFCCACB0000-00007FFCCAD1B000 eOppMonitor.dll (ESET),
    version: 1.0.17.0
    00007FFCE6070000-00007FFCE60A7000 eplgFirefox.dll (ESET),
    version: 1.0.64.0
    00007FFCEC660000-00007FFCEC7F4000 user32.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFCE9F30000-00007FFCE9F51000 win32u.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFCEC8B0000-00007FFCEC8D6000 GDI32.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCEA830000-00007FFCEA9C4000 gdi32full.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFCE9920000-00007FFCE99BE000 msvcp_win.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCEC3B0000-00007FFCEC3DE000 IMM32.DLL (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCC0B20000-00007FFCC0DC9000 nss3.dll (Mozilla Foundation),
    version: 71.0
    00007FFCEBC00000-00007FFCEBC6F000 WS2_32.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCE7640000-00007FFCE7664000 WINMM.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE6120000-00007FFCE6129000 WSOCK32.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE7610000-00007FFCE763D000 WINMMBASE.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE98B0000-00007FFCE98FA000 cfgmgr32.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCDD3C0000-00007FFCDD3CD000 lgpllibs.dll (Mozilla Foundation),
    version: 71.0
    00007FFC81070000-00007FFC8778D000 xul.dll (Mozilla Foundation),
    version: 71.0
    00007FFCEB150000-00007FFCEB835000 SHELL32.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFCEA9D0000-00007FFCEAA79000 shcore.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCEC060000-00007FFCEC396000 combase.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFCE9F60000-00007FFCEA6DF000 windows.storage.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFCE9870000-00007FFCE988F000 profapi.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE9820000-00007FFCE986A000 powrprof.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE97F0000-00007FFCE9800000 UMPDC.dll (),
    version:
    00007FFCEB0F0000-00007FFCEB142000 shlwapi.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE9800000-00007FFCE9811000 kernel.appcore.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE9900000-00007FFCE9917000 cryptsp.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCEAA80000-00007FFCEABD6000 ole32.dll (Microsoft Corporation),
    version: 10.0.18362.113 (WinBuild.160101.0800)
    00007FFCEABE0000-00007FFCEB050000 SETUPAPI.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE9C70000-00007FFCE9C96000 bcrypt.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFCEBC70000-00007FFCEBD34000 OLEAUT32.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFCE50B0000-00007FFCE50BA000 AVRT.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCD95D0000-00007FFCD95E9000 USP10.dll (Microsoft Corporation),
    version: 10.0.18362.476 (WinBuild.160101.0800)
    00007FFCE6CB0000-00007FFCE6F0B000 d3d11.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCE83D0000-00007FFCE84BB000 dxgi.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCE8C50000-00007FFCE8C8A000 IPHLPAPI.DLL (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE7E70000-00007FFCE7E9D000 dwmapi.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFCE7A50000-00007FFCE7AE9000 UxTheme.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFCE61E0000-00007FFCE61F3000 WTSAPI32.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCDF3A0000-00007FFCDF3BC000 dhcpcsvc.DLL (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFCEBFB0000-00007FFCEBFB8000 NSI.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFCE9710000-00007FFCE9735000 USERENV.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCE8340000-00007FFCE8360000 dxcore.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE8730000-00007FFCE8761000 ntmarta.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    0000000000650000-0000000000674000 ShellEh6055x64.dll (4t Niagara Software),
    version: 6.05.5.0.0
    00007FFCC98F0000-00007FFCC9BB5000 Start10_64.dll (Stardock Software, Inc),
    version: 1.8.0.0
    00007FFCEBBF0000-00007FFCEBBF8000 psapi.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCCC5E0000-00007FFCCC8DE000 dwrite.dll (Microsoft Corporation),
    version: 10.0.18362.476 (WinBuild.160101.0800)
    00007FFCDEAE0000-00007FFCDEB0A000 dbgcore.DLL (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCCB170000-00007FFCCB186000 napinsp.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCEB9F0000-00007FFCEBA92000 clbcatq.dll (Microsoft Corporation),
    version: 2001.12.10941.16384 (WinBuild.160101.080
    00007FFCCAE90000-00007FFCCAEAA000 pnrpnsp.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE8F40000-00007FFCE8FA7000 mswsock.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE8CA0000-00007FFCE8D6A000 DNSAPI.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFCCB160000-00007FFCCB16E000 winrnr.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE6020000-00007FFCE603C000 NLAapi.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCE5140000-00007FFCE5155000 wshbth.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE1E70000-00007FFCE1E7B000 WINNSI.DLL (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFCC5390000-00007FFCC5405000 webauthn.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFCE95F0000-00007FFCE961A000 DEVOBJ.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCEC520000-00007FFCEC655000 MSCTF.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFCC7610000-00007FFCC7625000 amsi.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCC75D0000-00007FFCC760B000 eamsi.dll (ESET),
    version: 10.10.67.0
    00007FFCE87A0000-00007FFCE87FC000 WINSTA.dll (Microsoft Corporation),
    version: 10.0.18362.53 (WinBuild.160101.0800)
    00007FFCE6FE0000-00007FFCE71BB000 dcomp.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCE41D0000-00007FFCE427E000 mscms.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFCE41A0000-00007FFCE41B7000 ColorAdapterClient.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFCCDC80000-00007FFCCDD1E000 TextInputFramework.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFCE4A10000-00007FFCE4D3A000 CoreUIComponents.dll (Microsoft Corporation),
    version: 10.0.18362.207
    00007FFCE71C0000-00007FFCE7294000 CoreMessaging.dll (Microsoft Corporation),
    version: 10.0.18362.1
    00007FFCE53D0000-00007FFCE5523000 wintypes.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFCCE5E0000-00007FFCCE62B000 wscapi.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFCD9390000-00007FFCD9566000 urlmon.dll (Microsoft Corporation),
    version: 11.00.18362.449 (WinBuild.160101.0800)
    00007FFCDD480000-00007FFCDD726000 iertutil.dll (Microsoft Corporation),
    version: 11.00.18362.449 (WinBuild.160101.0800)
    00007FFCE2710000-00007FFCE2782000 MMDevApi.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCE2810000-00007FFCE296D000 AUDIOSES.DLL (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFCCDD20000-00007FFCCDE71000 Windows.UI.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCCDB60000-00007FFCCDC7A000 InputHost.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCE5F30000-00007FFCE601F000 PROPSYS.dll (Microsoft Corporation),
    version: 7.0.18362.267 (WinBuild.160101.0800)
    00007FFCE7B40000-00007FFCE7D9A000 twinapi.appcore.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE8030000-00007FFCE8059000 RMCLIENT.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFCB9A80000-00007FFCB9B21000 twinapi.dll (Microsoft Corporation),
    version: 10.0.18362.329 (WinBuild.160101.0800)
    00007FFCB86A0000-00007FFCB86DA000 dataexchange.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCCA350000-00007FFCCA39A000 softokn3.dll (Mozilla Foundation),
    version: 71.0
    00007FFCC9CB0000-00007FFCC9D4D000 freebl3.dll (Mozilla Foundation),
    version: 71.0
    00007FFCCA2E0000-00007FFCCA34A000 nssckbi.dll (Mozilla Foundation),
    version: 71.0
    00007FFCCB320000-00007FFCCB7F6000 WININET.dll (Microsoft Corporation),
    version: 11.00.18362.418 (WinBuild.160101.0800)
    00007FFCE96E0000-00007FFCE970F000 SspiCli.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE8AB0000-00007FFCE8AE3000 rsaenh.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE77F0000-00007FFCE7806000 ondemandconnroutehelper.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE2560000-00007FFCE2650000 winhttp.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFCE82F0000-00007FFCE8312000 gpapi.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCB8310000-00007FFCB8515000 explorerframe.dll (Microsoft Corporation),
    version: 10.0.18362.418 (WinBuild.160101.0800)
    00007FFCDD470000-00007FFCDD47A000 rasadhlp.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCDEE90000-00007FFCDEF07000 fwpuclnt.dll (Microsoft Corporation),
    version: 10.0.18362.207 (WinBuild.160101.0800)
    00007FFCE3790000-00007FFCE3EFD000 OneCoreUAPCommonProxyStub.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFCDF1F0000-00007FFCDF206000 dhcpcsvc6.DLL (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFCC01E0000-00007FFCC01ED000 LINKINFO.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCC2510000-00007FFCC2589000 OneCoreCommonProxyStub.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCBFEE0000-00007FFCBFF5E000 ntshrui.dll (Microsoft Corporation),
    version: 10.0.18362.329 (WinBuild.160101.0800)
    00007FFCDEA90000-00007FFCDEAB6000 srvcli.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCC4950000-00007FFCC4962000 cscapi.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE5BD0000-00007FFCE5C56000 policymanager.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFCE6C20000-00007FFCE6CAA000 msvcp110_win.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCBEB50000-00007FFCBECE5000 TaskFlowDataEngine.dll (Microsoft Corporation),
    version: 10.0.18362.207 (WinBuild.160101.0800)
    00007FFCC4A10000-00007FFCC4F55000 cdp.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFCE6F10000-00007FFCE6FDF000 dsreg.dll (Microsoft Corporation),
    version: 10.0.18362.30 (WinBuild.160101.0800)
    00007FFCDD000000-00007FFCDD285000 comctl32.dll (Microsoft Corporation),
    version: 6.10 (WinBuild.160101.0800)
    00007FFCE4640000-00007FFCE47EF000 WindowsCodecs.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCBECF0000-00007FFCBED4E000 thumbcache.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCEBDA0000-00007FFCEBDBD000 imagehlp.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCBFF60000-00007FFCBFF8F000 cryptnet.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCC24B0000-00007FFCC24D3000 edputil.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCCE1D0000-00007FFCCE20B000 mozavutil.dll (Mozilla Foundation),
    version: 71.0
    00007FFC8B0B0000-00007FFC8B382000 mozavcodec.dll (Mozilla Foundation),
    version: 71.0
    00007FFCE2AB0000-00007FFCE2CAA000 mfplat.dll (Microsoft Corporation),
    version: 10.0.18362.207 (WinBuild.160101.0800)
    00007FFCE27E0000-00007FFCE280F000 RTWorkQ.DLL (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE36A0000-00007FFCE3722000 mf.dll (Microsoft Corporation),
    version: 10.0.18362.476 (WinBuild.160101.0800)
    00007FFCDA210000-00007FFCDA233000 dxva2.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCCA440000-00007FFCCA4FC000 evr.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCC24A0000-00007FFCC24A9000 IconCodecService.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFCE9640000-00007FFCE96DD000 sxs.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    - MS skipped (0) -

    Process Trace
    1 C:\Program Files\Mozilla Firefox\firefox.exe [9928] 2019-12-23T04:02:21
    2 C:\Windows\explorer.exe [6484] 2019-12-23T03:50:57
    3 C:\Windows\System32\userinit.exe [6412] 2019-12-23T03:50:56 23.4s
    4 C:\Windows\System32\winlogon.exe [564] 2019-12-23T03:50:51
    winlogon.exe
    5 C:\Windows\System32\smss.exe [780] 2019-12-23T03:50:51 349ms
    \SystemRoot\System32\smss.exe 00000140 00000084
    6 C:\Windows\System32\smss.exe [460] 2019-12-23T03:50:45
    \SystemRoot\System32\smss.exe

    Dropped Files
    1 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++43a0cd70-7977-4485-8202-1f3c766c9e90^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    2 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\343FC677F983728DDD59F051EBC339C26D7CE06D
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    3 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\BDB5F19407627C30D87006FE6528E285EF6475D7
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    Read by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    4 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\BA99F871ED7B570FC1DB834035B78E879E35679E
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    5 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\43B23738D65CC56A39B98D206765CC3D44E2E582
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    6 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\94F032B0D2B73B457B24679EFCE5F08F2B82DBBC
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    7 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\30AF36C8A8FDBE49F0655EBA5C7B016D081FFBE0
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    8 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\219866CF15D23C6C3CD557E2923ADF7B3BF8257E
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    9 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\91E93609DCD2A036EEDA1E1CE32BA202A2FB9145
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    10 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\55EC13559D0F18D6CCE75CA691A31532781217C8
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    11 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\69D069CC95DE226A3A9737C12E7859DBF0C6E3D7
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    12 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\index.tmp
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    13 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\E613E41C563885724170355252939F56ADA46B9E
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    14 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\2C406379A711BEE261961D576ED0C67BA1F9BA91
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    15 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\7B2D146429C2B79F10A9BB6840BA2628B1CAC24D
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    16 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\49E3B642E2FF5A3BE63B20E7BD08F4F854B06459
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    17 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++d0c9cdf1-bd50-432c-be99-df1a2bec6c98^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    18 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++d0c9cdf1-bd50-432c-be99-df1a2bec6c98^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    19 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\sessionstore-backups\recovery.jsonlz4.tmp
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    20 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\0ECB0B8DCD050AA9A3637547277D1D67D8C57366
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    21 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\9CEE271A48F66C0E83354ED4CAF20ED6316FBE04
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    22 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\C27E8AB28783FDA53D812A0DFD3BD31B6FEA8876
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    23 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\4F8E48BD34F56203A32000828A720AB3CE598F46
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    24 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\786343521567DAC44EAEE95B3ECE151496F3F0C2
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    25 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\D01F60F382F793EBF9BD6A64E258883AE4C2A158
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    26 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\61022D365ED3D5F5BDF339D192FFD7CAF6B1AB26
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    27 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\10021E9BF34A448D2D03A0000612DF52887DC1A7
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    28 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\DF88D51DD9D27B0B82983D6DC9CCC57732C813E1
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    29 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\0C6AF2019716D19E7B1DCC2797F061504D863981
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    30 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\35E43FCADCCE0465C3A75C1FDC4BD47158C99960
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    31 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\A55545336AFFA9A153DC3A7F2F68605703B785BB
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    32 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\EA62120DA749606C029E19D597BCCD10205F5782
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    33 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\F110373A9F3C5C5FDA38E44B514C0B509CF4B931
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    34 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\6692155077BDBBACAB3175B35D74B0AD62437630
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    35 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\2497C44037E778DE0CB3A4845A1787DC049189CF
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    36 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\F6F2401A009CCF6E3B28B6D02C16F1899F874793
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    37 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\10AEB2E94BC6A41E5EC22AC1D95434826578F554
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    38 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\739E881FE849E39E0120F718E6491EB9ABDC3C9F
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    39 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\3DE1033D1165F9D849E6DFD8566ABB9179DB1D0F
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    40 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\E5687A5A95B3F0AD98EB11ADC95FC24BB423014D
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    41 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\94E919EE9325297726EFC63CEE4359FD863A68FE
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    42 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\4BF529BBE0225B1CFCD39FEB822CF3AD9D57F9F4
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    43 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++9bb16763-51bc-4865-800c-c0deb5b5c138^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    44 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++9bb16763-51bc-4865-800c-c0deb5b5c138^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    45 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage-sync.sqlite-journal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    46 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\72314F31F70D1233F36C88F597C72FA9CFE4C8B7
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    47 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++3f4a0798-7f84-45ff-8d52-8693aa298335\idb\1782160246ssensosi.sqlite-shm
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    48 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++3f4a0798-7f84-45ff-8d52-8693aa298335\idb\1782160246ssensosi.files\journals\389
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    49 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++3f4a0798-7f84-45ff-8d52-8693aa298335\idb\1782160246ssensosi.files\389
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    50 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++3f4a0798-7f84-45ff-8d52-8693aa298335\idb\1782160246ssensosi.files\journals\388
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    51 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++3f4a0798-7f84-45ff-8d52-8693aa298335\idb\1782160246ssensosi.sqlite-wal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    52 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++82a52bff-7ad4-4b9e-83cc-6e5ac6f84d24\idb\1275293905AedggauraortdSRsuel.sqlite-shm
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    53 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\permissions.sqlite-journal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    54 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++4829466b-c4a8-4c8a-8ff1-1058d5b2d9c4^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    55 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++43a0cd70-7977-4485-8202-1f3c766c9e90^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    56 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++32b85b94-1329-4c84-b15f-402ab545cbf7^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    57 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\extension-settings.json.tmp
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    58 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++8c920ebd-5b36-4914-b912-1ff7a5e4f670^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    59 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++0b2c835e-9147-448a-be97-abb181367619^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    60 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\63CDF04BB75D8CC65035D6E432CE223EA8BAE568
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    61 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\869FB26B14E75EA36A2E5D67DCE4CDDBF6245FD3
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    62 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\8F1FEC1596B4D8E184065F406C59C98D7F659586
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    63 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\568C4C8CEAC74ECB5D9A291B685E745972CE3005
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    64 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\8EC44F38B73B340EE3D5CD38527C5BE006C02637
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    65 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++82a52bff-7ad4-4b9e-83cc-6e5ac6f84d24\idb\1275293905AedggauraortdSRsuel.sqlite-wal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    66 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\7FF1731591F4175C9A250571F06AAB1C13E806DF
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    67 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++31206f0c-efe1-414a-9c8b-48f6fd170555^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    68 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++31206f0c-efe1-414a-9c8b-48f6fd170555^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    69 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++fbf58789-43f9-4156-859f-51716fc5b4c8^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    70 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++8c920ebd-5b36-4914-b912-1ff7a5e4f670^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    71 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++32b85b94-1329-4c84-b15f-402ab545cbf7^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    72 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++fbf58789-43f9-4156-859f-51716fc5b4c8^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    73 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\7E85B2C72F15261368E384BBF2CEE57B6449989E
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    74 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++0b2c835e-9147-448a-be97-abb181367619^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    75 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++4829466b-c4a8-4c8a-8ff1-1058d5b2d9c4^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    76 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\C3D20D4A8A4191C9FB2D70B83D13DEA234B8D3E6
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    77 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++82a52bff-7ad4-4b9e-83cc-6e5ac6f84d24^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-shm
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    78 C:\Users\Asrock\AppData\Roaming\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\storage\default\moz-extension+++82a52bff-7ad4-4b9e-83cc-6e5ac6f84d24^userContextId=4294967295\idb\3647222921wleabcEoxlt-eengsairo.sqlite-wal
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    79 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\951819864BC411AEBDA69B5881ABB6A9F43F0658
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    80 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\DD0BEDB4493F0B07DBB27FE319C6DE136A14BCE1
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    81 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\7CACFAC70CDDE2D91FFD6B8699503F9C1BEF3FAF
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    82 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\467278926FA6BE9CD4598AF97AD16B5222F3D911
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    83 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\55B3AEE5D6F6ABD7241593A3F270CD73475517AC
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    84 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\68F4C112A9D3EF291D0D16DEB0CDD48AAE48A19D
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    85 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\9DC9E396BE3FAA64AC4C714D5A7953A73D707FE6
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    86 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\2C8C2020567FAA57587D184E93701A6E735CEEFF
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    87 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\43A58BFD09A414D80B75C139085613E65869D15A
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    88 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\E445D73EE854D991056F737D263F5A11FFF0E703
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    89 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\99EBBB243FC1F18994AA416449D0C89B16953134
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    90 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\008E2EC5FE35E9EBA41E8DC8F24517F0A79CB7BF
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    91 C:\Users\Asrock\AppData\Local\Mozilla\Firefox\Profiles\fbh8d95u.default-1574745646527\cache2\entries\AC8EAFC4BC7DC174BB82C2C10CE7A57F09855112
    Dropped by \Device\HarddiskVolume8\Program Files\Mozilla Firefox\firefox.exe [9928]
    1 C:\Users\Asrock\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    Dropped by \Device\HarddiskVolume8\Windows\explorer.exe [6484]
    Read by \Device\HarddiskVolume8\Windows\explorer.exe [6484]
    2 C:\Users\Asrock\AppData\Local\Temp\Asrock.bmp
    Dropped by \Device\HarddiskVolume8\Windows\explorer.exe [6484]
    3 C:\Users\Asrock\AppData\Roaming\Microsoft\Windows\Themes\CachedFiles\CachedImage_2560_1440_POS0.jpg
    Dropped by \Device\HarddiskVolume8\Windows\explorer.exe [6484]

    Thumbprints
    3fa7daeac9d5e37bbc87ad495c86e3e9e7f574d1f0d88550434d11b5760fea6c
     

    Attached Files:

    Last edited: Dec 23, 2019
  3. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,819
    Location:
    Under a bushel ...
    With build 3.8.0 857 BETA, also had quite a few Firefox lockdowns (can't remember quite what I was doing, but I think were also be related to installs below),
    and CodeCave alerts for Boredom Software VT Hash Check execution, and Winaero Tweaker, Bullzip PDF Printer and AOMEI Backupper setup / installs.

    Normally have very few intercepts; didn't post here, but I can PM any reports if you're interested @RonnyT.

    'Noob'-type question, for future :rolleyes::D: How do I do a 'Spoiler'?
     
    Last edited: Dec 23, 2019
  4. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    13,382
    Location:
    UK
    See here
    Annotation 2019-12-23 070332.jpg
     
  5. feerf56

    feerf56 Registered Member

    Joined:
    Feb 24, 2015
    Posts:
    194
     
  6. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,819
    Location:
    Under a bushel ...
    I have PM'd @RonnyT how to do this without individually copying each alert (16).

    Excalibur.db maybe. Programdata>Reports is empty.

    Edit: Quick response, especially given that it's silly season! They have it now already, and will check it out in a VM.
     
    Last edited: Dec 23, 2019
  7. RonnyT

    RonnyT QA Engineer

    Joined:
    Aug 9, 2016
    Posts:
    211
    Location:
    Planet Earth
    The (Firefox) lockdown for IShellDispatch2 (*) alerts will be fixed in the next release, it was applied to to many applications and we have made some further improvements on this mitigation.
     
  8. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,819
    Location:
    Under a bushel ...
    857 beta.
    Lockdown downloading 'My Phone' app from Microsoft Store.
    May be as intended, but I do want the app.
    Is a 'whitelist', or temporary bypass of the intercept possible without stopping the service?

    Mitigation Lockdown
    Timestamp 2019-12-28T10:51:44

    Platform 10.0.18363/x64 v857 06_45
    PID 3484
    Feature 003D1A345FBFB0B6
    Application C:\Program Files\Mozilla Firefox\firefox.exe
    Created 2019-12-04T07:28:30
    Description Firefox 71

    IShellDispatch2("ms-windows-store://pdp/?productId=9NMPJ99VJBWV&ocid=&cid=&referrer=unistoreweb&scenario=click&webig=76e3b0e2-476a-4691-8e96-b9befc605625&muid=08803628226F63F434D93868236F6247&websession=&tduid=")

    Loaded Modules (161)
    -----------------------------------------------------------------------------
    00007FF72AE70000-00007FF72AF01000 firefox.exe (Mozilla Corporation),
    version: 71.0
    00007FFF13600000-00007FFF137F0000 ntdll.dll (Microsoft Corporation),
    version: 10.0.18362.418 (WinBuild.160101.0800)
    00007FFF11FB0000-00007FFF12062000 KERNEL32.dll (Microsoft Corporation),
    version: 10.0.18362.329 (WinBuild.160101.0800)
    00007FFF101B0000-00007FFF102C7000 hmpalert.dll (SurfRight B.V.),
    version: 3.8.0.857
    00007FFF112D0000-00007FFF11573000 KERNELBASE.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFF124F0000-00007FFF12593000 ADVAPI32.dll (Microsoft Corporation),
    version: 10.0.18362.329 (WinBuild.160101.0800)
    00007FFF12070000-00007FFF1210E000 msvcrt.dll (Microsoft Corporation),
    version: 7.0.18362.1 (WinBuild.160101.0800)
    00007FFF12240000-00007FFF122D7000 sechost.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFF125A0000-00007FFF126C0000 RPCRT4.dll (Microsoft Corporation),
    version: 10.0.18362.476 (WinBuild.160101.0800)
    00007FFF115B0000-00007FFF116AA000 ucrtbase.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFEFDD70000-00007FFEFDDF0000 mozglue.dll (Mozilla Foundation),
    version: 71.0
    00007FFF10660000-00007FFF107A9000 CRYPT32.dll (Microsoft Corporation),
    version: 10.0.18362.476 (WinBuild.160101.0800)
    00007FFF104E0000-00007FFF104F2000 MSASN1.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF10900000-00007FFF1095C000 WINTRUST.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFEFD090000-00007FFEFD129000 MSVCP140.dll (Microsoft Corporation),
    version: 14.22.27821.0 built by: vcwrkspc
    00007FFEFD070000-00007FFEFD086000 VCRUNTIME140.dll (Microsoft Corporation),
    version: 14.22.27821.0 built by: vcwrkspc
    00007FFF03150000-00007FFF0315A000 VERSION.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0E590000-00007FFF0E784000 dbghelp.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0FDF0000-00007FFF0FDFC000 CRYPTBASE.DLL (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF10880000-00007FFF10900000 bcryptPrimitives.dll (Microsoft Corporation),
    version: 10.0.18362.295 (WinBuild.160101.0800)
    00007FFEEAFC0000-00007FFEEB06F000 a2hooks64.dll (Emsisoft Ltd),
    version: 2019.02.0.1903
    00007FFF122E0000-00007FFF12474000 USER32.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFF11580000-00007FFF115A1000 win32u.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFF126C0000-00007FFF126E6000 GDI32.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF10960000-00007FFF10AF4000 gdi32full.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFF107B0000-00007FFF1084E000 msvcp_win.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFF12EC0000-00007FFF135A5000 SHELL32.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFF11280000-00007FFF112CA000 cfgmgr32.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFF116B0000-00007FFF11759000 shcore.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF12950000-00007FFF12C86000 combase.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFF10B00000-00007FFF1127F000 windows.storage.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFF10570000-00007FFF1058F000 profapi.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF10500000-00007FFF1054A000 powrprof.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF104D0000-00007FFF104E0000 UMPDC.dll (),
    version:
    00007FFF121E0000-00007FFF12232000 shlwapi.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF10550000-00007FFF10561000 kernel.appcore.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF10640000-00007FFF10657000 cryptsp.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF117D0000-00007FFF117FE000 IMM32.DLL (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFF0F410000-00007FFF0F441000 ntmarta.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF08530000-00007FFF08546000 VCRUNTIME140.dll (Microsoft Corporation),
    version: 14.15.26706.0 built by: VCTOOLSREL
    00007FFED80B0000-00007FFED814B000 MSVCP140.dll (Microsoft Corporation),
    version: 14.15.26706.0 built by: VCTOOLSREL
    00007FFECED80000-00007FFECF029000 nss3.dll (Mozilla Foundation),
    version: 71.0
    00007FFF128E0000-00007FFF1294F000 WS2_32.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFF0DCB0000-00007FFF0DCD4000 WINMM.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFEFA4E0000-00007FFEFA4E9000 WSOCK32.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0DC80000-00007FFF0DCAD000 WINMMBASE.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF08520000-00007FFF0852D000 lgpllibs.dll (Mozilla Foundation),
    version: 71.0
    00007FFEB9340000-00007FFEBFA5D000 xul.dll (Mozilla Foundation),
    version: 71.0
    00007FFF12D60000-00007FFF12EB6000 ole32.dll (Microsoft Corporation),
    version: 10.0.18362.113 (WinBuild.160101.0800)
    00007FFF11800000-00007FFF11C70000 SETUPAPI.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF10850000-00007FFF10876000 bcrypt.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFF12C90000-00007FFF12D54000 OLEAUT32.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFF0B0F0000-00007FFF0B0FA000 AVRT.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFED8330000-00007FFED8349000 USP10.dll (Microsoft Corporation),
    version: 10.0.18362.476 (WinBuild.160101.0800)
    00007FFF0CFB0000-00007FFF0D20B000 d3d11.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFF0F0B0000-00007FFF0F19B000 dxgi.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFF0F930000-00007FFF0F96A000 IPHLPAPI.DLL (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0EA80000-00007FFF0EAAD000 dwmapi.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFF0DF00000-00007FFF0DF99000 UxTheme.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFF0BDC0000-00007FFF0BDD3000 WTSAPI32.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF05660000-00007FFF0567C000 dhcpcsvc.DLL (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFF11CF0000-00007FFF11CF8000 NSI.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFF103F0000-00007FFF10415000 USERENV.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFF0F020000-00007FFF0F040000 dxcore.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF02E20000-00007FFF0311E000 dwrite.dll (Microsoft Corporation),
    version: 10.0.18362.476 (WinBuild.160101.0800)
    00007FFF135B0000-00007FFF135B8000 psapi.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF02AA0000-00007FFF02ACA000 dbgcore.DLL (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFEFCED0000-00007FFEFCEE6000 napinsp.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF12830000-00007FFF128D2000 clbcatq.dll (Microsoft Corporation),
    version: 2001.12.10941.16384 (WinBuild.160101.080
    00007FFEF2210000-00007FFEF222A000 pnrpnsp.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0FC20000-00007FFF0FC87000 mswsock.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0F980000-00007FFF0FA4A000 DNSAPI.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFEF9FF0000-00007FFEFA065000 webauthn.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFF102D0000-00007FFF102FA000 DEVOBJ.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFEF1C30000-00007FFEF1C3E000 winrnr.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0C360000-00007FFF0C37C000 NLAapi.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFF0B2B0000-00007FFF0B2C5000 wshbth.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0AB70000-00007FFF0ABAE000 netprofm.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    000001A752A00000-000001A752B35000 MSCTF.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFF0F480000-00007FFF0F4DC000 WINSTA.dll (Microsoft Corporation),
    version: 10.0.18362.53 (WinBuild.160101.0800)
    00007FFF03360000-00007FFF03370000 npmproxy.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFF009B0000-00007FFF009C1000 wbemprox.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF00920000-00007FFF009A4000 wbemcomn.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF05B40000-00007FFF05B4B000 WINNSI.DLL (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFF0D210000-00007FFF0D3EB000 dcomp.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFF09A70000-00007FFF09B1E000 mscms.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFF09A50000-00007FFF09A67000 ColorAdapterClient.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFF07C80000-00007FFF07CC3000 icm32.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFEFFF10000-00007FFEFFF24000 wbemsvc.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0DE90000-00007FFF0DEF5000 Oleacc.dll (Microsoft Corporation),
    version: 7.2.18362.1 (WinBuild.160101.0800)
    00007FFF000F0000-00007FFF001F1000 fastprox.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFEFFCC0000-00007FFEFFCD5000 amsi.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFEFFC70000-00007FFEFFCB1000 eppcom64.dll (Emsisoft Ltd),
    version: 2018.12.0.1641
    00007FFEFFC20000-00007FFEFFC62000 WRusr.dll (Webroot),
    version: 9.0.26.59
    00007FFF0E030000-00007FFF0E037000 MSIMG32.dll (Microsoft Corporation),
    version: 10.0.18362.175 (WinBuild.160101.0800)
    00007FFF04AB0000-00007FFF04B4E000 TextInputFramework.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFF0ABB0000-00007FFF0AEDA000 CoreUIComponents.dll (Microsoft Corporation),
    version: 10.0.18362.207
    00007FFF0D3F0000-00007FFF0D4C4000 CoreMessaging.dll (Microsoft Corporation),
    version: 10.0.18362.1
    00007FFF0B770000-00007FFF0B8C3000 wintypes.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFEE9D10000-00007FFEE9D5B000 wscapi.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFF03180000-00007FFF03356000 urlmon.dll (Microsoft Corporation),
    version: 11.00.18362.449 (WinBuild.160101.0800)
    00007FFF03490000-00007FFF03736000 iertutil.dll (Microsoft Corporation),
    version: 11.00.18362.449 (WinBuild.160101.0800)
    00007FFF009D0000-00007FFF00A42000 MMDevApi.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFEFF050000-00007FFEFF1AD000 AUDIOSES.DLL (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFF04B50000-00007FFF04CA1000 Windows.UI.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFF04990000-00007FFF04AAA000 InputHost.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFF0E3B0000-00007FFF0E49F000 PROPSYS.dll (Microsoft Corporation),
    version: 7.0.18362.267 (WinBuild.160101.0800)
    00007FFEBFA60000-00007FFEC190B000 RoboForm-x64.DLL (Siber Systems Inc.),
    version: 8-6-5-5
    00007FFF12110000-00007FFF121E0000 COMDLG32.dll (Microsoft Corporation),
    version: 10.0.18362.418 (WinBuild.160101.0800)
    00007FFEF7740000-00007FFEF7C16000 WININET.dll (Microsoft Corporation),
    version: 11.00.18362.418 (WinBuild.160101.0800)
    00007FFF03140000-00007FFF0314C000 Secur32.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFEFB4C0000-00007FFEFB4DB000 MPR.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF01AF0000-00007FFF01D75000 COMCTL32.dll (Microsoft Corporation),
    version: 6.10 (WinBuild.160101.0800)
    00007FFF103C0000-00007FFF103EF000 SSPICLI.DLL (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFEE4A00000-00007FFEE4A3A000 dataexchange.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0E820000-00007FFF0EA7A000 twinapi.appcore.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0ED10000-00007FFF0ED39000 RMCLIENT.dll (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFEE2590000-00007FFEE2609000 OneCoreCommonProxyStub.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF04030000-00007FFF040D1000 twinapi.dll (Microsoft Corporation),
    version: 10.0.18362.329 (WinBuild.160101.0800)
    00007FFEEFD00000-00007FFEEFD4A000 softokn3.dll (Mozilla Foundation),
    version: 71.0
    00007FFED7DB0000-00007FFED7E4D000 freebl3.dll (Mozilla Foundation),
    version: 71.0
    00007FFED7CA0000-00007FFED7D0A000 nssckbi.dll (Mozilla Foundation),
    version: 71.0
    00007FFEED310000-00007FFEED326000 ondemandconnroutehelper.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0F790000-00007FFF0F7C3000 rsaenh.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0B440000-00007FFF0B530000 winhttp.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFF0EFD0000-00007FFF0EFF2000 gpapi.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF00B10000-00007FFF00B1A000 rasadhlp.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF05320000-00007FFF05397000 fwpuclnt.dll (Microsoft Corporation),
    version: 10.0.18362.207 (WinBuild.160101.0800)
    00007FFF02890000-00007FFF02A95000 explorerframe.dll (Microsoft Corporation),
    version: 10.0.18362.418 (WinBuild.160101.0800)
    00007FFF09BD0000-00007FFF0A33D000 OneCoreUAPCommonProxyStub.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFF054B0000-00007FFF054C6000 dhcpcsvc6.DLL (Microsoft Corporation),
    version: 10.0.18362.267 (WinBuild.160101.0800)
    00007FFF0A850000-00007FFF0A9FF000 WindowsCodecs.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF05100000-00007FFF0515E000 thumbcache.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0BFA0000-00007FFF0C026000 policymanager.dll (Microsoft Corporation),
    version: 10.0.18362.387 (WinBuild.160101.0800)
    00007FFF0C040000-00007FFF0C0CA000 msvcp110_win.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF0BD30000-00007FFF0BD3D000 LINKINFO.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF02AF0000-00007FFF02B6E000 ntshrui.dll (Microsoft Corporation),
    version: 10.0.18362.329 (WinBuild.160101.0800)
    00007FFEFCB90000-00007FFEFCBB6000 srvcli.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF02C40000-00007FFF02C52000 cscapi.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFEE9260000-00007FFEE93F5000 TaskFlowDataEngine.dll (Microsoft Corporation),
    version: 10.0.18362.207 (WinBuild.160101.0800)
    00007FFEEFF70000-00007FFEF04B5000 cdp.dll (Microsoft Corporation),
    version: 10.0.18362.449 (WinBuild.160101.0800)
    00007FFF0C0D0000-00007FFF0C19F000 dsreg.dll (Microsoft Corporation),
    version: 10.0.18362.30 (WinBuild.160101.0800)
    00007FFF11D80000-00007FFF11D9D000 imagehlp.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF11C70000-00007FFF11CE6000 coml2.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFED9E40000-00007FFED9E7B000 mozavutil.dll (Mozilla Foundation),
    version: 71.0
    00007FFECE990000-00007FFECEC62000 mozavcodec.dll (Mozilla Foundation),
    version: 71.0
    00007FFEDCCA0000-00007FFEDCE9A000 mfplat.dll (Microsoft Corporation),
    version: 10.0.18362.207 (WinBuild.160101.0800)
    00007FFEDCC70000-00007FFEDCC9F000 RTWorkQ.DLL (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFEEAD80000-00007FFEEAE02000 mf.dll (Microsoft Corporation),
    version: 10.0.18362.476 (WinBuild.160101.0800)
    00007FFED9EA0000-00007FFED9EC3000 dxva2.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFED7F90000-00007FFED804C000 evr.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFED7E80000-00007FFED7EEF000 MSAudDecMFT.dll (Microsoft Corporation),
    version: 10.0.18362.175 (WinBuild.160101.0800)
    00007FFF05700000-00007FFF0582D000 mfperfhelper.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFECE6B0000-00007FFECE925000 msmpeg2vdec.dll (Microsoft Corporation),
    version: 10.0.18362.535 (WinBuild.160101.0800)
    00007FFF04ED0000-00007FFF04EE8000 devenum.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF00D70000-00007FFF00D7B000 msdmo.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFEF6910000-00007FFEF693F000 cryptnet.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF04CB0000-00007FFF04DC2000 mrmcorer.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF02090000-00007FFF020A0000 windows.staterepositorycore.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF04840000-00007FFF04870000 bcp47mrm.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    00007FFF10320000-00007FFF103BD000 sxs.dll (Microsoft Corporation),
    version: 10.0.18362.1 (WinBuild.160101.0800)
    - MS skipped (0) -

    Code Injection
    00370000-00371000 4KB C:\Program Files\Mozilla Firefox\firefox.exe [26196]
    1 C:\Program Files\Mozilla Firefox\firefox.exe [26196] 2019-12-28T09:14:20 6.2s
    2 C:\Program Files\Mozilla Firefox\firefox.exe [5912] 2019-12-28T09:14:14 12.1s
    3 C:\Program Files\Mozilla Firefox\firefox.exe [24416] 2019-12-28T09:14:14 1.5s
    4 C:\Windows\explorer.exe [12140] 2019-12-25T09:05:04
    5 C:\Windows\System32\userinit.exe [11424] 2019-12-25T09:04:54 1m 31s

    Process Trace
    1 C:\Program Files\Mozilla Firefox\firefox.exe [3484] 2019-12-28T09:14:20
    2 C:\Program Files\Mozilla Firefox\firefox.exe [26196] 2019-12-28T09:14:20 6.2s
    3 C:\Program Files\Mozilla Firefox\firefox.exe [5912] 2019-12-28T09:14:14 12.1s
    4 C:\Program Files\Mozilla Firefox\firefox.exe [24416] 2019-12-28T09:14:14 1.5s
    5 C:\Windows\explorer.exe [12140] 2019-12-25T09:05:04
    6 C:\Windows\System32\userinit.exe [11424] 2019-12-25T09:04:54 1m 31s

    Dropped Files
    1 C:\$Recycle.Bin\S-1-5-21-1075898003-4201839156-897539570-1001\$I4NH9TV.exe
    Dropped by \Device\HarddiskVolume3\Windows\explorer.exe [12140]
    2 C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    Dropped by \Device\HarddiskVolume3\Windows\explorer.exe [12140]
    Read by \Device\HarddiskVolume3\Windows\explorer.exe [12140]
    3 C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\CachedFiles\CachedImage_1920_1080_POS1.jpg
    Dropped by \Device\HarddiskVolume3\Windows\explorer.exe [12140]

    Thumbprints
    b2e19ed3d8f0b6e003e82205dc72c393b214d13519bdf1653b97d49322e15871
     
    Last edited: Dec 28, 2019
  9. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,388
    Mitigation Lockdown - "IShellDispatch2 (*)" - will be fixed in the next release as mentioned above.

    In the meantime you can disable Application Lockdown for firefox.
     
  10. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,819
    Location:
    Under a bushel ...
    Thanks :thumb:, should've picked that up.
     
  11. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,388
  12. heikwith

    heikwith Registered Member

    Joined:
    Jul 29, 2002
    Posts:
    91
  13. XIII

    XIII Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    918
    They released the final version of 3.8.0 today (see the other thread).

    Maybe you can try that?
     
  14. heikwith

    heikwith Registered Member

    Joined:
    Jul 29, 2002
    Posts:
    91
    Also getting that BSOD in 3.8.0.859 Final !!
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.