Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Admin tools all unavailable, seemingly fake dropbox and a few other pr

Started by BrandiCopas , Jul 11 2017 06:52 AM

Malware unknown virus

Page 4 of 8
2
3
4
5
6

Please log in to reply

#46
BrandiCopas

Posted 19 July 2017 - 06:37 AM

Member

Topic Starter
Member
79 posts

That's the weird thing, I uninstalled anything related to Apple, iTunes, or Bonjour a few days ago, and here it is again. I don't use any of them. As well as any of the wild tangent games, all gone, but still appearing in scans.

I tried to start my Rock Gym Program last night, which is the pos and digital waiver system, my employer uses, anyway, it's a local sql server based program. THE pc I'm on, AIRWORX 2-PC is the old server, from our location in here before she sold business. Anyway, so that cannot start for some reason, anymore.

So, in looking through my logs in desktop folder I created called Cleanup Apps I found this log -

Log name is a2settings.ini

[General]
Revision=2
Language=en-us
SectionsCount=32

[Position]
Revision=1
Length=44
Flags=0
ShowCmd=1
ptMinX=-1
ptMinY=-1
ptMaxX=-1
ptMaxY=-1
rcNormalLeft=448
rcNormalTop=240
rcNormalRight=1472
rcNormalBottom=800
rcNormalTopLeftX=448
rcNormalTopLeftY=240
rcNormalBottomRightX=1472
rcNormalBottomRightY=800

[Connection]
Revision=2

[Download]
Revision=2

[Folders]
Revision=1

[InfoBox]
Revision=3

[Submit]
Revision=1

[News]
Revision=1
Message=[clr=13010179/b]Spotlight on ransomware: Ransomware encryption methods[/clr]

[News1]
Revision=1
Message=Spotlight on ransomware: Ransomware encryption methods
URL=http://emsi.at/sor3/...gn=ticker170718
Date=1500249600

[News2]
Revision=1
Message=New in 2017.6: Double Pulsar Mitigation and Email Notifications
URL=http://emsi.at/updat...aign=news170703
Date=1499040000

[News3]
Revision=1
Message=Petya ransomware variant attacks computers worldwide
URL=http://emsi.at/petya...gn=ticker170627
Date=1498521600

[News4]
Revision=1
Message=Doxware: Ransomware evolution or media hype?
URL=http://emsi.at/doxwa...gn=ticker170615
Date=1497571200

[News5]
Revision=1
Message=New in 2017.5: Anti-Ransomware
URL=http://emsi.at/updat...aign=news170531
Date=1496188800

[LastScan]
Revision=2
LastDetection=1500362334
Date=1500371406
Detected=1

[LastUpdated]
Revision=1
Date=1500362039
Result=1
LastTryResult=1

[TimeDelta]
Revision=1

[Logging]
Revision=3

[LicenseDetails]
Revision=6
MachineKey=C830EACA0D49E89D9AD331AA214F45946B6DB50D
MachineName=AIRWORX2-PC
ID=14962626
Model=1
Starts=1500304439
Ends=32503680000
Offline=0

[AccountDlg]
Revision=1

[ReScanQuarantine]
Revision=1

[CachedFolders]
Revision=1
AddScanFolder=I:\
SaveScanSettings=C:\Users\AIRWORX 2\Desktop\Cleanup apps\Scansets\

[LicenseType]
Revision=1
Type=8

[Key]
Revision=3
RegistrationKey=UdWdN75mSLmXS2jSPcLa
RegistrationKeys=JtvrTLnxU7rST5zwN7GgNqzWJsTFOc5aNs9bPcLZNrzFUdWdN75mSLmXS2jSPcLaJs1ZQ6LXPM5bJsTFOc5aNs9bPrzVNrzF

[NewsLetter]
Revision=1

[ElevatedRisk]
Revision=1

[MemoryUsage]
Revision=2

[ScanPerformance]
Revision=1
ThreadsToUse=5
ThreadAffinity=15
ThreadPriority=2

[ScannerOptions]
Revision=1
DetectPUP=1
OnScanFinishSettings=|0|1|

[GridsSettings]
Revision=2

[ShutdownScanStatistics]
Revision=1

[SystemConnection]
Revision=1
SectionType=9

;File timestamp: 1500371595

Then I have a few screen clips to upload so I'll do those next.

#47
RKinner

Posted 19 July 2017 - 07:04 AM

Malware Expert

Expert
24,625 posts

a2settings.ini is supposedly created by emisoft when you run their Emsisoft Command Line Scanner. Going to be out most of the day.

#48
BrandiCopas

Posted 19 July 2017 - 07:14 AM

Member

Topic Starter
Member
79 posts

These were a few of the kasp items found

Thought this "App" looked strange, so I tried to uninstall, and cannot?

The dates are all very recent, despite knowing they weren't recently installed, a bit of investigating

https://blogs.techne...alware-attacks/ found this, and several weird things related to it. I.E. something has reconfigured pretty much every program in the past few days.

https://portal.msrc....dc-000d3a32fc99

Wow, this discusses or includes many of my problem programs, I forgot to mention, I've not been able to use edge at all, but I don't typically, so it didn't seem like a big deal.

this is in services menu, should the numbers be present after the service name? There are several like that.

Attached Thumbnails

#49
BrandiCopas

Posted 19 July 2017 - 08:23 AM

Member

Topic Starter
Member
79 posts

Forgot to post those results

Emsisoft Emergency Kit - Version 2017.6
Last update: 7/18/2017 7:13:59 AM
User account: AIRWORX2-PC\AIRWORX 2
Computer name: AIRWORX2-PC
OS version: Windows 10x64

Scan settings:

Scan type: Custom Scan
Objects: Rootkits, Memory, Traces, C:\, D:\, I:\

Detect PUPs: On
Scan archives: On
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: On

Scan start: 7/18/2017 7:17:48 AM
C:\Users\AIRWORX 2\AppData\Roaming\Passware\ detected: Application.Win32.PassRecover (A) [222439]

Scanned 740688
Found 1

Scan end: 7/18/2017 9:50:04 AM
Scan time: 2:32:16

C:\Users\AIRWORX 2\AppData\Roaming\Passware\ Application.Win32.PassRecover (A)

Quarantined 1

#50
BrandiCopas

Posted 19 July 2017 - 01:08 PM

Member

Topic Starter
Member
79 posts

This log is from 7/12/17 I've run it 2x since, with no findings?

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2017.07.12.05
rootkit: v2017.05.27.01

Windows 10 x64 NTFS
Internet Explorer 11.1480.14393.0
AIRWORX 2 :: AIRWORX2-PC [administrator]

7/12/2017 6:53:44 AM
mbar-log-2017-07-12 (06-53-44).txt

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\Temp\services.exe.mui (Trojan.Agent) -> Delete on reboot. [b2b32d3813961a1cdc37706bda287888]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

#51
RKinner

Posted 20 July 2017 - 04:40 AM

Malware Expert

Expert
24,625 posts

Let Kaspersky delete anything it found.

If you don't what the programs and have already uninstalled them then delete the folders.

The numbers are normal. Win 10 loves numbers.

To uninstall messenger:

Try this command in Powershell

Get-AppxPackage *Microsoft.Messaging* | Remove-AppxPackage

Start Powershell by following the instructions here: https://www.howtogee...reinstall-them/

Acronis is backup software. Nothing to worry about.

#52
BrandiCopas

Posted 20 July 2017 - 07:26 AM

Member

Topic Starter
Member
79 posts

This was the error msg I received from powershell

Remove-AppxPackageGet-AppxPackage : The term 'Remove-AppxPackageGet-AppxPackage' is not recognized as the name of a
cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify
that the path is correct and try again.
At line:1 char:41
+ ... age *Microsoft.Messaging* | Remove-AppxPackageGet-AppxPackage *Micros ...
+                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (Remove-AppxPackageGet-AppxPackage:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

#53
RKinner

Posted 21 July 2017 - 06:02 AM

Malware Expert

Expert
24,625 posts

+ ... age *Microsoft.Messaging* | Remove-AppxPackageGet-AppxPackage *Micros ...

Looks like you typed it wrong. Try again.

#54
BrandiCopas

Posted 25 July 2017 - 04:47 PM

Member

Topic Starter
Member
79 posts

I tried it again, several times, not sure why it won't work, I even tried the way it's spelled on the file. I'll reattach the pic

#55
BrandiCopas

Posted 25 July 2017 - 04:47 PM

Member

Topic Starter
Member
79 posts

I tried it again, several times, not sure why it won't work, I even tried the way it's spelled on the file. I'll reattach the pic

#56
BrandiCopas

Posted 25 July 2017 - 04:57 PM

Member

Topic Starter
Member
79 posts

Just a quick reminder of issues I have currently, or had before we started, as I know you are busy helping several on here. )

Initially I couldn't access any admin tools, it told me to consult my admin (me) in a big red box. It has created several other "user" accounts saving credentials on my pc. I am the only user, and it was formerly a server, for work, (I now work from home) My POS system for work, uses a mySql database, this pc is configured as server, and laptop is a "POS" machine. Point of sale, this is for training purposes with staff, at remote locations, basically, and to remain fresh, in updates, so I can advise the locations, and deal with system outages, etc..

I have had varying results, at first, I couldn't open any admin tools, no device manager, etc.. That is repaired now, but I seemingly have several of the same files installed, programs running, etc.. I'm also attaching a new farbar, if you want, once the scan is complete. THX

Major notable problems in no particular order...

1. mySQL server program won't run anymore. error msg attached

2. in files, what ever this is, has actually cloned several programs, I have a folder called Windows.old among several others. Created 7/14/17.

3. credentials manager has several users I didn't create.

4. I've uninstalled anything Apple, Bonjour, Itunes, etc.. with no luck. It appears they uninstall, but they are still there.

5. Eset - for a while, in the beginning of all this, the infection had taken over eset, and program stated it was running, but then couldn't start, stop, or make any changes to it. I did do troubleshooting with them, and have those logs if you'd like.

I have several error logs, multiple users, group accounts (I've never had any group permissions setup, on purpose) that I did screen grabs of, virus files found, etc. For now, I'll wait to see if logs are needed

#57
RKinner

Posted 25 July 2017 - 05:22 PM

Malware Expert

Expert
24,625 posts

1. No attachment

2. Windows.old folder is usually created when you upgrade to a new version of windows. They usually keep it around for 30 days in case there are any files you need or you want to revert back to the older version. Open it up and see what is in there.

3. Did you try removing their folders in C:\Program Files or C:\Program Files (x86)

4. Have you tried downloading a new version of ESET, Uninstalling the old (save the license info), reboot then reinstall?

5. Which users do you have that shouldn't be there? Have you tried to remove them? What Happens.

6. Let's see new FRST scans.

#58
BrandiCopas

Posted 26 July 2017 - 03:15 AM

Member

Topic Starter
Member
79 posts

New scan results

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2017

Ran by AIRWORX 2 (administrator) on AIRWORX2-PC (25-07-2017 15:57:28)

Running from C:\Users\AIRWORX 2\Desktop

Loaded Profiles: AIRWORX 2 (Available Profiles: AIRWORX 2 & AirworxAZ & Administrator)

Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

() C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe

(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(AMD) C:\Windows\System32\atieclxx.exe

(ESET) C:\Program Files\ESET\ESET Security\egui.exe

(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe

(Microsoft Corporation) C:\Windows\System32\CastSrv.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe

(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe

(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Belkasoft) C:\Program Files (x86)\Belkasoft Evidence Center Ultimate\Evidence Center.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.App.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard )

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)

HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [18248 2013-05-14] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-07-12] (Dropbox, Inc.)

HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)

HKLM\...\Policies\Explorer: [0] 0

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\Run: [Kaspersky Software Updater] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565000 2016-11-26] (AO Kaspersky Lab)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Tcpip\..\Interfaces\{6d74992a-85de-4a60-9382-4cc8d294c55b}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Tcpip\..\Interfaces\{fa3ce8d6-7afe-4ad0-a04f-b501407fe7a5}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK13/1

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1

SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKU\S-1-5-21-2671885098-678752524-1400920573-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-2671885098-678752524-1400920573-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)

BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDFViewer\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-24] (Oracle Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-24] (Oracle Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)

Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)

Toolbar: HKU\S-1-5-21-2671885098-678752524-1400920573-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1499697116239

DPF: HKLM-x32 {D66F9BB1-7D8E-4A96-9166-20FCC91CBFE9} hxxp://99.7.214.118/FDSH_DVR.CAB

DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com//activex/ractrl.cab?lmi=3379

FireFox:

========

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi

FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-04-28]

FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi

FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-24] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-24] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)

FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDFViewer\bin\nppdf.dll [2011-07-15] (Zeon Corporation)

FF Plugin HKU\S-1-5-21-2671885098-678752524-1400920573-1001: @citrixonline.com/appdetectorplugin -> C:\Users\AIRWORX 2\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-04-02] (Citrix Online)

Chrome:

=======

CHR DefaultProfile: Profile 9

CHR HomePage: Profile 9 -> hxxp://google.com/

CHR Profile: C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-06-24]

CHR Profile: C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 9 [2017-07-25]

CHR Extension: (Google Docs) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-10]

CHR Extension: (Google Drive) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-10]

CHR Extension: (YouTube) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-10]

CHR Extension: (Kaspersky Protection) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-07-14]

CHR Extension: (Google Docs Offline) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-10]

CHR Extension: (Chrome Web Store Payments) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-10]

CHR Extension: (Gmail) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-10]

CHR Extension: (Chrome Media Router) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-17]

CHR Profile: C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-14]

CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor4.0; C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [102400 2005-09-09] () [File not signed]

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)

S3 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]

S2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-24] (Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-24] (Dropbox, Inc.)

R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-07-12] (Dropbox, Inc.)

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2625368 2017-07-11] (ESET)

R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)

S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)

R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)

S2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)

R3 ksu; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565000 2016-11-26] (AO Kaspersky Lab)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)

S2 MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.0\my.ini [8958 2017-07-19] () [File not signed]

R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77640 2013-05-14] (Nuance Communications, Inc.)

R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [File not signed]

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)

R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132848 2017-07-11] (ESET)

R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107344 2017-03-09] (ESET)

S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14880 2017-03-09] (ESET)

R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [178056 2017-03-09] (ESET)

S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50752 2017-03-09] (ESET)

R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78192 2017-03-09] (ESET)

R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [101648 2017-03-09] (ESET)

S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [181160 2017-06-28] (ESET)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()

R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)

R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)

R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)

R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)

S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)

R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-28] (AO Kaspersky Lab)

R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520176 2017-04-28] (AO Kaspersky Lab)

S3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [187336 2017-07-14] (AO Kaspersky Lab)

R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-28] (AO Kaspersky Lab)

S1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-04-28] (AO Kaspersky Lab)

R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)

S3 klkbdflt2; C:\WINDOWS\system32\DRIVERS\klkbdflt2.sys [43440 2016-05-23] (AO Kaspersky Lab)

R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)

R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)

R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-07-14] (AO Kaspersky Lab)

S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-07-14] (AO Kaspersky Lab)

R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-07-14] (AO Kaspersky Lab)

S3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-07-14] (AO Kaspersky Lab)

R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)

R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-04-28] (AO Kaspersky Lab)

R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-07-14] (AO Kaspersky Lab)

R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-24] (Malwarebytes)

R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-24] (Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-24] (Malwarebytes)

R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-25] (Malwarebytes)

R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2015-01-08] (CACE Technologies, Inc.)

R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2016-10-27] (Realsil Semiconductor Corporation)

S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()

R0 vidsflt53; C:\WINDOWS\System32\DRIVERS\vsflt53.sys [141920 2016-03-03] (Acronis)

S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-25 15:23 - 2017-07-25 15:23 - 00162545 _____ C:\Users\AIRWORX 2\Documents\My Vendor List 8-15-12.xlsx

2017-07-25 07:46 - 2017-07-25 07:46 - 00000000 ____D C:\Users\AIRWORX 2\Desktop\Encrypted documents

2017-07-25 07:46 - 2017-07-25 07:46 - 00000000 ____D C:\Users\AIRWORX 2\Desktop\Documents_1

2017-07-25 05:46 - 2017-07-25 05:46 - 00068611 _____ C:\Users\AIRWORX 2\Downloads\f.txt

2017-07-25 04:56 - 2017-07-25 04:56 - 05780817 _____ C:\Users\AIRWORX 2\Downloads\17351442_117133718779563_5086019384804114432_n.bin

2017-07-24 18:39 - 2017-07-24 18:25 - 3007731185 ____N C:\Users\AIRWORX 2\Desktop\LGBackup_170724.lbf

2017-07-24 18:02 - 2017-07-24 18:02 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\Passware

2017-07-24 11:31 - 2017-07-24 11:31 - 00843873 _____ C:\Users\AIRWORX 2\Downloads\TS103488179.potx

2017-07-24 11:29 - 2017-07-24 11:29 - 00004318 _____ C:\Users\AIRWORX 2\Downloads\MC900054580.WMF

2017-07-24 11:18 - 2017-07-24 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate

2017-07-24 11:07 - 2017-07-24 11:07 - 00000000 ____D C:\Program Files (x86)\Seagate

2017-07-24 09:54 - 2017-07-24 09:54 - 00000000 ____D C:\WINDOWS\system32\SRSLabs

2017-07-24 09:54 - 2017-07-24 09:54 - 00000000 ____D C:\Program Files\IDT

2017-07-24 09:54 - 2013-11-20 10:43 - 06101504 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll

2017-07-24 09:54 - 2013-11-20 10:43 - 01897984 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl

2017-07-24 09:54 - 2013-11-20 10:43 - 01703424 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe

2017-07-24 09:54 - 2013-11-20 10:43 - 00464384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slapoi64.dll

2017-07-24 09:54 - 2013-11-20 10:43 - 00030389 _____ C:\WINDOWS\system32\DTS_TOWER.XML

2017-07-24 09:48 - 2017-07-24 11:13 - 00000000 ____D C:\WINDOWS\Minidump

2017-07-24 09:42 - 2017-07-24 09:42 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\FBA95002-17BB-4264-B1E2-EE748AD9FCC7

2017-07-24 09:42 - 2017-07-24 09:42 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\BE7A0D4F-259E-4ACF-95D4-65A4A82C6258

2017-07-24 09:33 - 2017-07-24 09:33 - 00479815 _____ C:\Users\AIRWORX 2\Documents\eStmt_2016-06-30.pdf

2017-07-24 09:33 - 2017-07-24 09:33 - 00477980 _____ C:\Users\AIRWORX 2\Documents\eStmt_2016-09-30.pdf

2017-07-24 09:33 - 2017-07-24 09:33 - 00469343 _____ C:\Users\AIRWORX 2\Documents\eStmt_2016-08-31.pdf

2017-07-24 09:33 - 2017-07-24 09:33 - 00453034 _____ C:\Users\AIRWORX 2\Documents\eStmt_2016-10-31.pdf

2017-07-24 08:36 - 2017-07-24 08:36 - 00206704 _____ C:\Users\AIRWORX 2\Documents\FTIBank of America _ Online Banking _ Accounts _ Account Details _ Account Activity.pdf

2017-07-24 08:29 - 2017-07-24 08:29 - 00453034 _____ C:\Users\AIRWORX 2\Downloads\eStmt_2016-10-31.pdf

2017-07-24 08:28 - 2017-07-24 08:28 - 00477980 _____ C:\Users\AIRWORX 2\Downloads\eStmt_2016-09-30.pdf

2017-07-24 08:27 - 2017-07-24 08:27 - 00479815 _____ C:\Users\AIRWORX 2\Downloads\eStmt_2016-06-30.pdf

2017-07-24 08:25 - 2017-07-24 08:25 - 00469343 _____ C:\Users\AIRWORX 2\Downloads\eStmt_2016-08-31.pdf

2017-07-24 08:18 - 2017-07-24 08:18 - 03286340 _____ C:\Users\AIRWORX 2\Downloads\DOC071317-002.pdf

2017-07-24 06:56 - 2017-07-24 14:50 - 00002073 _____ C:\Users\AIRWORX 2\Desktop\my post.txt

2017-07-24 05:55 - 2017-07-24 05:55 - 00000000 _____ C:\Users\AIRWORX 2\defogger_reenable

2017-07-24 05:54 - 2017-07-24 05:54 - 00050477 _____ C:\Users\AIRWORX 2\Downloads\Defogger.exe

2017-07-24 05:30 - 2017-07-24 05:30 - 02001544 _____ C:\Users\AIRWORX 2\Downloads\pc-decrapifier-3.0.1.exe

2017-07-24 05:12 - 2017-07-24 05:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11

2017-07-24 05:12 - 2017-07-24 05:12 - 00000000 ____D C:\Program Files (x86)\Cobian Backup 11

2017-07-24 05:10 - 2017-07-24 05:10 - 19709440 ____N (Luis Cobian, CobianSoft) C:\Users\AIRWORX 2\Downloads\cbSetup.exe

2017-07-24 05:04 - 2017-07-24 09:34 - 00060863 _____ C:\Users\AIRWORX 2\Desktop\Addition.txt

2017-07-24 05:01 - 2017-07-25 15:58 - 00021319 _____ C:\Users\AIRWORX 2\Desktop\FRST.txt

2017-07-24 05:01 - 2017-07-25 15:57 - 00000000 ____D C:\FRST

2017-07-24 04:51 - 2017-07-24 04:51 - 02382336 ____N (Farbar) C:\Users\AIRWORX 2\Desktop\FRST64.exe

2017-07-24 04:15 - 2017-07-24 04:15 - 00059467 ____N C:\Users\AIRWORX 2\Downloads\HS-5.8.17 #3104 CJump Allen April Inv&Rep SH (1).pdf

2017-07-24 04:12 - 2017-07-24 04:12 - 00071158 ____N C:\Users\AIRWORX 2\Downloads\07.11.17 Olathe-Holmes III LLC.pdf

2017-07-24 04:10 - 2017-07-24 04:10 - 00196464 ____N C:\Users\AIRWORX 2\Downloads\07.01.17 Olathe-AT&T.pdf

2017-07-24 04:09 - 2017-07-24 04:09 - 00480772 ____N C:\Users\AIRWORX 2\Downloads\07.17 Olathe-BOA Stmt.pdf

2017-07-24 04:08 - 2017-07-24 04:08 - 00072792 ____N C:\Users\AIRWORX 2\Downloads\06.30.17 Houston-CocaCola.pdf

2017-07-24 04:07 - 2017-07-24 04:07 - 00073576 ____N C:\Users\AIRWORX 2\Downloads\06.30.17 Dallas II-CocaCola.pdf

2017-07-24 04:01 - 2017-07-24 04:01 - 00044143 ____N C:\Users\AIRWORX 2\Downloads\Texas Notice of Tax-Fee Due.pdf

2017-07-24 03:48 - 2017-07-24 03:48 - 00257899 ____N C:\Users\AIRWORX 2\Downloads\1718abcdecalendar.pdf

2017-07-24 03:47 - 2017-07-24 03:47 - 01494216 ____N C:\Users\AIRWORX 2\Downloads\1718districtcalendar071917.pdf

2017-07-22 07:08 - 2017-05-19 23:02 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebManagement.exe

2017-07-21 22:38 - 2017-07-21 22:38 - 00000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal

2017-07-21 22:38 - 2017-07-21 22:38 - 00000000 ___RD C:\WINDOWS\WebManagement

2017-07-21 22:38 - 2017-03-18 08:48 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationREST.dll

2017-07-21 22:38 - 2017-03-17 22:00 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvcapi.dll

2017-07-21 22:38 - 2017-03-17 22:00 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperTools.ProxyStub.dll

2017-07-21 22:38 - 2017-03-17 21:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevToolsLauncher.exe

2017-07-21 22:38 - 2017-03-17 21:59 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeployUtil.exe

2017-07-21 22:38 - 2017-03-17 21:58 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvc.dll

2017-07-21 22:38 - 2017-03-17 21:57 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshProxy.dll

2017-07-21 22:38 - 2017-03-17 21:56 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdp.dll

2017-07-21 22:38 - 2017-03-17 21:56 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSession.exe

2017-07-21 22:38 - 2017-03-17 21:56 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSftp.exe

2017-07-21 22:38 - 2017-03-17 21:55 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperToolsSvc.exe

2017-07-21 22:38 - 2017-03-17 21:53 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshBroker.dll

2017-07-21 07:57 - 2017-07-21 07:57 - 01118208 ____N C:\Users\AIRWORX 2\Desktop\eventviewer.evtx

2017-07-21 07:54 - 2017-07-21 07:54 - 00626956 ____N C:\Users\AIRWORX 2\Desktop\sys info.txt

2017-07-21 05:16 - 2017-07-21 05:16 - 00003784 ____N C:\Users\AIRWORX 2\Downloads\fixlist.txt

2017-07-21 02:37 - 2017-07-21 02:37 - 00031963 ____N C:\Users\AIRWORX 2\Downloads\Backup_17-17-07 10-43AM (1).zip

2017-07-21 02:36 - 2017-07-21 02:36 - 00031963 ____N C:\Users\AIRWORX 2\Downloads\Backup_17-17-07 10-43AM.zip

2017-07-21 02:18 - 2017-07-21 02:18 - 00001516 ____N C:\Users\AIRWORX 2\Desktop\malware bytes quar.txt

2017-07-20 12:57 - 2017-07-20 12:57 - 00000000 ____D C:\WINDOWS\ERUNT

2017-07-20 12:56 - 2017-07-20 12:58 - 00000646 _____ C:\DelFix.txt

2017-07-20 12:30 - 2015-08-09 11:12 - 00043104 ____N (NirSoft) C:\Users\AIRWORX 2\Desktop\AppCrashView.exe

2017-07-20 12:30 - 2015-08-09 11:12 - 00015426 ____N C:\Users\AIRWORX 2\Desktop\AppCrashView.chm

2017-07-20 12:30 - 2015-08-09 11:12 - 00007123 ____N C:\Users\AIRWORX 2\Desktop\readme.txt

2017-07-20 12:29 - 2017-07-20 12:29 - 00047265 ____N C:\Users\AIRWORX 2\Desktop\appcrashview.zip

2017-07-20 08:56 - 2017-07-25 14:17 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2017-07-20 08:56 - 2017-07-24 11:13 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2017-07-20 08:56 - 2017-07-24 11:13 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2017-07-20 08:55 - 2017-07-20 08:55 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2017-07-20 08:55 - 2017-07-20 08:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2017-07-20 08:55 - 2017-07-20 08:55 - 00000000 ____D C:\Program Files\Malwarebytes

2017-07-20 08:55 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

2017-07-20 08:54 - 2017-07-20 08:55 - 65033984 ____N (Malwarebytes ) C:\Users\AIRWORX 2\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe

2017-07-20 08:16 - 2017-07-20 08:16 - 135729424 ____N (Microsoft Corporation) C:\Users\AIRWORX 2\Downloads\msert (3).exe

2017-07-20 04:53 - 2017-07-20 05:02 - 00000000 ____D C:\Users\AIRWORX 2\SecurityScans

2017-07-20 04:48 - 2017-07-20 04:48 - 01818624 ____N C:\Users\AIRWORX 2\Downloads\MBSASetup-x64-EN.msi

2017-07-19 08:41 - 2017-07-19 08:42 - 00066957 _____ C:\WINDOWS\system32\AIRWORX

2017-07-19 08:36 - 2017-07-19 08:40 - 00051333 ____N C:\Users\AIRWORX 2\Desktop\sfcdetails.txt

2017-07-19 07:56 - 2017-07-19 07:56 - 00342981 ____N C:\Users\AIRWORX 2\Downloads\PATIENT ACQUAINTENCE FORM 2017-signed.pdf

2017-07-19 07:13 - 2017-07-19 07:13 - 44003024 ____N (Microsoft Corporation) C:\Users\AIRWORX 2\Desktop\Windows-KB890830-x64-V5.50.exe

2017-07-19 06:58 - 2017-07-19 06:58 - 06361088 ____N C:\Users\AIRWORX 2\Desktop\windows security logs.evtx

2017-07-19 06:56 - 2017-07-19 06:56 - 01118208 ____N C:\Users\AIRWORX 2\Desktop\recent events.evtx

2017-07-19 06:56 - 2017-07-19 06:56 - 00000000 ____D C:\Users\AIRWORX 2\Desktop\LocaleMetaData

2017-07-19 05:13 - 2017-07-19 05:13 - 00335756 ____N C:\Users\AIRWORX 2\Desktop\reliability history.XML

2017-07-19 04:31 - 2017-07-19 04:31 - 00006054 ____N C:\Users\AIRWORX 2\Desktop\Kas findings some not addressed.txt

2017-07-19 03:28 - 2017-07-19 03:28 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\PackageStaging

2017-07-19 03:06 - 2017-07-19 03:06 - 00012672 ____N C:\Users\AIRWORX 2\Desktop\full scan kas.txt

2017-07-19 03:05 - 2017-07-19 03:05 - 00002066 ____N C:\Users\AIRWORX 2\Desktop\Vul scan.txt

2017-07-18 19:47 - 2017-07-18 19:47 - 00455756 ____N C:\Users\AIRWORX 2\Downloads\OFFICE POLICIES FOR PPWORK 2017 WITH LOGO-signed.pdf

2017-07-18 14:04 - 2017-07-19 07:59 - 00100526 ____N C:\Users\AIRWORX 2\Downloads\HIPAA Privacy Authorization Form.pdf

2017-07-18 14:04 - 2017-07-18 14:04 - 00377763 ____N C:\Users\AIRWORX 2\Downloads\OFFICE POLICIES FOR PPWORK 2017 WITH LOGO.pdf

2017-07-18 14:04 - 2017-07-18 14:04 - 00179165 ____N C:\Users\AIRWORX 2\Downloads\PATIENT ACQUAINTENCE FORM 2017.pdf

2017-07-18 13:40 - 2017-07-18 13:58 - 00000000 ____D C:\Users\AIRWORX 2\Desktop\kc

2017-07-18 13:16 - 2017-07-18 13:16 - 00002066 ____N C:\Users\AIRWORX 2\Desktop\ks items found.txt

2017-07-18 13:15 - 2017-07-18 13:15 - 00002066 ____N C:\Users\AIRWORX 2\Desktop\kas items found.txt

2017-07-18 13:05 - 2017-07-18 13:05 - 00631136 ____N C:\Users\AIRWORX 2\Downloads\CCF10112016 (2).pdf

2017-07-18 13:05 - 2017-07-18 13:05 - 00631136 ____N C:\Users\AIRWORX 2\Downloads\CCF10112016 (2) (1).pdf

2017-07-18 13:05 - 2017-07-18 13:05 - 00627784 ____N C:\Users\AIRWORX 2\Downloads\CCF10112016 (3).pdf

2017-07-18 13:05 - 2017-07-18 13:05 - 00413116 ____N C:\Users\AIRWORX 2\Downloads\CCF10112016 (1).pdf

2017-07-18 13:02 - 2017-07-18 13:02 - 00531500 ____N C:\Users\AIRWORX 2\Desktop\KC Receipts April 2016.pdf

2017-07-18 12:59 - 2017-07-18 12:59 - 00779604 ____N C:\Users\AIRWORX 2\Downloads\KC May 2016 Receipts.pdf

2017-07-18 12:59 - 2017-07-18 12:59 - 00779604 ____N C:\Users\AIRWORX 2\Desktop\KC May 2016 Receipts (1).pdf

2017-07-18 12:56 - 2017-07-18 12:56 - 00888660 ____N C:\Users\AIRWORX 2\Desktop\KC Receipts June 2016.pdf

2017-07-18 12:54 - 2017-07-18 12:54 - 00218291 ____N C:\Users\AIRWORX 2\Downloads\KC Reports 8.1.pdf

2017-07-18 12:51 - 2017-07-18 12:51 - 01149113 ____N C:\Users\AIRWORX 2\Desktop\KC Receipts July 2016.pdf

2017-07-18 12:49 - 2017-07-18 12:49 - 00234159 ____N C:\Users\AIRWORX 2\Downloads\CCI09012016.pdf

2017-07-18 12:48 - 2017-07-18 12:48 - 00458582 ____N C:\Users\AIRWORX 2\Downloads\9.7.16 (1).pdf

2017-07-18 12:46 - 2017-07-18 12:46 - 00005049 ____N C:\Users\AIRWORX 2\Downloads\Aged Receivables.pdf

2017-07-18 12:45 - 2017-07-18 12:45 - 00413116 ____N C:\Users\AIRWORX 2\Downloads\CCF10112016.pdf

2017-07-18 12:41 - 2017-07-18 12:41 - 00197013 ____N C:\Users\AIRWORX 2\Downloads\CCF01102017 (1).pdf

2017-07-18 12:38 - 2017-07-18 12:38 - 00023765 ____N C:\Users\AIRWORX 2\Downloads\KC Tramp Specs.pdf

2017-07-18 12:34 - 2017-07-18 12:34 - 00195196 ____N C:\Users\AIRWORX 2\Downloads\07-15-17.pdf

2017-07-18 12:31 - 2017-07-18 12:31 - 00384839 ____N C:\Users\AIRWORX 2\Downloads\CCF06172017_0001.pdf

2017-07-18 12:30 - 2017-07-18 12:30 - 00374743 ____N C:\Users\AIRWORX 2\Downloads\CCF07092017 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 00101084 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700104306)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 00098532 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700058437)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 00096973 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700180809)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 00095005 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700030432)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 00092177 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700012338)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 00088715 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700081692)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 00085982 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700224605)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:23 - 2017-07-18 12:23 - 00433166 ____N C:\Users\AIRWORX 2\Downloads\CUSTSTMT.PDF

2017-07-18 12:22 - 2017-07-18 12:22 - 00604455 ____N C:\Users\AIRWORX 2\Downloads\20161221131018092.pdf

2017-07-18 12:21 - 2017-07-18 12:21 - 00174841 ____N C:\Users\AIRWORX 2\Downloads\20161221131237330 (1).pdf

2017-07-18 12:11 - 2017-07-18 12:11 - 00084006 ____N C:\Users\AIRWORX 2\Documents\https___email02.godaddy.com_view_print_multi.pdf

2017-07-18 11:24 - 2017-07-18 11:24 - 01143460 ____N C:\Users\AIRWORX 2\Downloads\Coke contract Houston.pdf

2017-07-18 11:24 - 2017-07-18 11:24 - 00176568 ____N C:\Users\AIRWORX 2\Downloads\Airowx Cosmic Jump Contract signed by Maura-signed.pdf

2017-07-18 11:04 - 2017-07-18 11:04 - 00384804 ____N C:\Users\AIRWORX 2\Downloads\img034 (1).pdf

2017-07-18 11:02 - 2017-07-18 11:02 - 00147945 ____N C:\Users\AIRWORX 2\Downloads\Airworx Contract Coke (1).pdf

2017-07-18 11:00 - 2017-07-18 11:00 - 00151856 ____N C:\Users\AIRWORX 2\Downloads\Airworx Contract Coke.pdf

2017-07-18 11:00 - 2017-07-18 11:00 - 00129543 ____N C:\Users\AIRWORX 2\Downloads\Airowx Cosmic Jump Contract signed by Maura.pdf

2017-07-18 10:57 - 2017-07-18 10:57 - 00384804 ____N C:\Users\AIRWORX 2\Downloads\img034.pdf

2017-07-18 10:39 - 2017-07-18 10:39 - 00194482 ____N C:\Users\AIRWORX 2\Documents\Bank of America _ Online Banking _ Accounts _ Account Details _ Account Activity1.pdf

2017-07-18 10:38 - 2017-07-18 10:38 - 00203708 ____N C:\Users\AIRWORX 2\Documents\Bank of America _ Online Banking _ Accounts _ Account Details _ Account Activity.pdf

2017-07-18 07:12 - 2017-07-18 07:12 - 00000000 ____D C:\ProgramData\Emsisoft

2017-07-18 07:08 - 2017-07-18 07:09 - 320730544 ____N C:\Users\AIRWORX 2\Downloads\EmsisoftEmergencyKit.exe

2017-07-18 06:18 - 2017-07-18 06:18 - 00037290 ____N C:\Users\AIRWORX 2\Downloads\redeppening (1).pdf

2017-07-18 06:13 - 2017-07-18 06:13 - 00469373 ____N C:\Users\AIRWORX 2\Downloads\Jason Le Incident.pdf

2017-07-18 06:12 - 2017-07-18 06:12 - 00197755 ____N C:\Users\AIRWORX 2\Downloads\6.4.2017.pdf

2017-07-18 06:04 - 2017-07-18 06:04 - 00350407 ____N C:\Users\AIRWORX 2\Downloads\Baur 4 national treasure.pdf

2017-07-18 06:02 - 2017-07-18 06:02 - 00374743 ____N C:\Users\AIRWORX 2\Downloads\CCF07092017.pdf

2017-07-18 05:54 - 2017-07-18 05:54 - 01004434 ____N C:\Users\AIRWORX 2\Downloads\CCF02012017.pdf

2017-07-18 05:43 - 2017-07-18 05:43 - 00000801 ____N C:\Users\AIRWORX 2\Downloads\Downloads - Shortcut.lnk

2017-07-18 04:35 - 2017-07-17 10:14 - 05542722 ____N C:\Users\AIRWORX 2\Downloads\SysInspector-AIRWORX2-PC-170717-072446.xml

2017-07-18 03:46 - 2017-07-18 03:46 - 00006522 ____N C:\Users\AIRWORX 2\Documents\case.txt

2017-07-17 10:26 - 2017-07-17 10:26 - 00041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS

2017-07-17 10:25 - 2017-07-17 10:25 - 02724512 ____N (Sysinternals - www.sysinternals.com) C:\Users\AIRWORX 2\Downloads\procexp.exe

2017-07-17 10:14 - 2017-07-17 10:14 - 00504650 _____ C:\Users\AIRWORX 2\SysInspector-AIRWORX2-PC-170717-072446.zip

2017-07-17 09:55 - 2017-07-17 09:55 - 00000000 _____ C:\WINDOWS\system32\wmic

2017-07-17 09:22 - 2017-07-17 09:22 - 141475088 ____N (Microsoft Corporation) C:\Users\AIRWORX 2\Downloads\msert (2).exe

2017-07-17 09:21 - 2017-07-17 09:21 - 07340032 ____N C:\Users\AIRWORX 2\Downloads\msert (1).exe

2017-07-17 09:14 - 2017-07-17 09:14 - 01048576 ____N C:\Users\AIRWORX 2\Downloads\msert.exe

2017-07-17 07:40 - 2017-07-17 07:40 - 06754944 ____N (ESET spol. s r.o.) C:\Users\AIRWORX 2\Downloads\esetonlinescanner_enu.exe

2017-07-17 07:11 - 2017-07-17 07:11 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\DBG

2017-07-17 03:31 - 2017-07-24 04:50 - 00000000 ____D C:\Users\AIRWORX 2\Desktop\Cleanup apps

2017-07-14 11:00 - 2017-07-14 11:00 - 00000000 ____D C:\Users\Public\Documents\MDMDiagnostics

2017-07-14 10:40 - 2017-07-14 10:40 - 00000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-2671885098-678752524-1400920573-1001

2017-07-14 09:14 - 2017-07-14 09:14 - 00000000 ____D C:\WINDOWS\PCHEALTH

2017-07-14 06:50 - 2017-07-14 06:50 - 00000020 ___SH C:\Users\AIRWORX 2\ntuser.ini

2017-07-14 06:30 - 2017-07-14 06:30 - 32688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 31652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 21353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 20504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 20373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 17364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 13839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 12786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 08238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 08211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 07596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 07149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 06554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 06287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 06123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 05892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 05820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 05806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 04847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 04730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 04536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 04469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 04447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 03670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 03656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 03377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 03204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 03139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 03057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2017-07-14 06:30 - 2017-07-14 06:30 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 02021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2017-07-14 06:30 - 2017-07-14 06:30 - 01930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 01420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2017-07-14 06:30 - 2017-07-14 06:30 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 01237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 01178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 01171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 01077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2017-07-14 06:30 - 2017-07-14 06:30 - 01057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 01017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2017-07-14 06:30 - 2017-07-14 06:30 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi

2017-07-14 06:30 - 2017-07-14 06:30 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 00754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl

2017-07-14 06:30 - 2017-07-14 06:30 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl

2017-07-14 06:30 - 2017-07-14 06:30 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr

2017-07-14 06:30 - 2017-07-14 06:30 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2017-07-14 06:30 - 2017-07-14 06:30 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2017-07-14 06:30 - 2017-07-14 06:30 - 00544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr

2017-07-14 06:30 - 2017-07-14 06:30 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 00279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 00278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv

2017-07-14 06:30 - 2017-07-14 06:30 - 00233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv

2017-07-14 06:30 - 2017-07-14 06:30 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 00031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin

2017-07-14 06:30 - 2017-07-14 06:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE

2017-07-14 06:22 - 2017-07-14 06:22 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv

2017-07-14 06:22 - 2017-07-14 06:22 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2017-07-14 06:22 - 2017-07-14 06:22 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2017-07-14 06:22 - 2017-07-14 06:22 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2017-07-14 06:22 - 2017-07-14 06:22 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

2017-07-14 06:20 - 2017-07-14 06:23 - 00015243 _____ C:\WINDOWS\diagwrn.xml

2017-07-14 06:20 - 2017-07-14 06:23 - 00015243 _____ C:\WINDOWS\diagerr.xml

2017-07-14 06:17 - 2017-07-20 04:56 - 00000000 ____D C:\WINDOWS\ServiceProfiles

2017-07-14 06:17 - 2017-07-14 06:17 - 00008192 _____ C:\WINDOWS\system32\config\userdiff

2017-07-14 06:14 - 2017-07-14 06:14 - 00000000 ____D C:\Program Files\Reference Assemblies

2017-07-14 06:14 - 2017-07-14 06:14 - 00000000 ____D C:\Program Files\MSBuild

2017-07-14 06:14 - 2017-07-14 06:14 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

2017-07-14 06:14 - 2017-07-14 06:14 - 00000000 ____D C:\Program Files (x86)\MSBuild

2017-07-14 06:14 - 2017-07-14 06:14 - 00000000 ____D C:\inetpub

2017-07-14 06:13 - 2017-07-14 06:13 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2017-07-14 06:13 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2017-07-14 06:13 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2017-07-14 06:13 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2017-07-14 06:13 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2017-07-14 06:13 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2017-07-14 06:13 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2017-07-14 06:12 - 2017-07-24 13:48 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DBB8FF06-B999-4A95-A7CE-15C213181723}

2017-07-14 06:12 - 2017-07-24 11:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-07-14 06:12 - 2017-07-15 06:57 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2

2017-07-14 06:12 - 2017-07-14 06:12 - 00002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2671885098-678752524-1400920573-1001

2017-07-14 06:12 - 2017-07-14 06:12 - 00002134 _____ C:\WINDOWS\System32\Tasks\RGP Backup

2017-07-14 06:12 - 2017-07-14 06:12 - 00002118 _____ C:\WINDOWS\System32\Tasks\{39393239-4118-43A9-9EF4-579F68CFC882}

2017-07-14 06:12 - 2017-07-14 06:12 - 00001984 _____ C:\WINDOWS\System32\Tasks\{32B26120-173E-4516-BA92-CE080FB3608E}

2017-07-14 06:12 - 2017-07-14 06:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform

2017-07-14 06:11 - 2017-07-19 16:37 - 00003280 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForAIRWORX 2

2017-07-14 06:11 - 2017-07-14 06:12 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2017-07-14 06:11 - 2017-07-14 06:12 - 00003452 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA

2017-07-14 06:11 - 2017-07-14 06:12 - 00003374 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf8dc0ce6bb10d

2017-07-14 06:11 - 2017-07-14 06:12 - 00003300 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2671885098-678752524-1400920573-1001

2017-07-14 06:11 - 2017-07-14 06:12 - 00003228 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore

2017-07-14 06:11 - 2017-07-14 06:12 - 00003204 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2671885098-678752524-1400920573-1001

2017-07-14 06:11 - 2017-07-14 06:12 - 00003150 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d0bf681e553bf8

2017-07-14 06:11 - 2017-07-14 06:12 - 00003070 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d08f601e825b6

2017-07-14 06:11 - 2017-07-14 06:12 - 00003070 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d040ece2e11a19

2017-07-14 06:11 - 2017-07-14 06:12 - 00003070 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2017-07-14 06:11 - 2017-07-14 06:12 - 00002802 _____ C:\WINDOWS\System32\Tasks\[email protected]

2017-07-14 06:11 - 2017-07-14 06:12 - 00002310 _____ C:\WINDOWS\System32\Tasks\Adobe Uninstaller

2017-07-14 06:11 - 2017-07-14 06:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard

2017-07-14 06:11 - 2017-07-14 06:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\Event Viewer Tasks

2017-07-14 05:56 - 2017-07-14 05:56 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2017-07-14 05:49 - 2017-07-14 05:59 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate

2017-07-14 05:47 - 2017-07-14 05:47 - 00000000 ____D C:\ProgramData\USOShared

2017-07-14 05:46 - 2017-07-24 05:55 - 00000000 ____D C:\Users\AIRWORX 2

2017-07-14 05:46 - 2017-07-14 06:05 - 00000000 ____D C:\Users\AirworxAZ

2017-07-14 05:46 - 2017-07-14 06:05 - 00000000 ____D C:\Users\Administrator

2017-07-14 05:45 - 2017-07-24 11:19 - 01076284 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-07-14 05:44 - 2017-07-14 05:44 - 00939752 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI

2017-07-14 05:44 - 2017-07-14 05:44 - 00000000 ____D C:\WINDOWS\SysWOW64\sda

2017-07-14 05:39 - 2017-07-14 05:39 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies

2017-07-14 05:39 - 2017-07-14 05:39 - 00000000 ____D C:\Program Files\AMD

2017-07-14 05:39 - 2017-07-14 05:39 - 00000000 _____ C:\WINDOWS\ativpsrm.bin

2017-07-14 05:39 - 2017-03-18 13:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2017-07-14 05:38 - 2017-07-14 05:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2017-07-14 05:36 - 2017-07-25 14:14 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

2017-07-14 05:36 - 2017-07-18 03:53 - 00532544 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-07-14 04:28 - 2017-07-14 04:28 - 00002103 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk

2017-07-14 03:47 - 2017-07-14 03:47 - 00251656 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys

2017-07-14 03:44 - 2017-07-14 03:44 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys

2017-07-14 03:44 - 2017-07-14 03:44 - 00173144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys

2017-07-14 03:44 - 2017-07-14 03:44 - 00112912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys

2017-07-14 03:44 - 2017-07-14 03:44 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys

2017-07-14 02:51 - 2017-07-14 05:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security

2017-07-14 02:51 - 2017-07-14 05:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection

2017-07-14 02:50 - 2017-04-28 15:05 - 01018592 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys

2017-07-14 02:50 - 2017-04-28 15:05 - 00197336 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys

2017-07-14 02:50 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll

2017-07-14 02:37 - 2017-07-14 02:38 - 195931824 ____N (Kaspersky Lab) C:\Users\AIRWORX 2\Downloads\kts17.0.0.611abcden_12159.exe

2017-07-13 13:47 - 2017-07-14 05:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2017-07-12 12:58 - 2017-07-12 12:58 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

2017-07-12 12:58 - 2017-07-12 12:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys

2017-07-12 12:58 - 2017-07-12 12:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys

2017-07-12 12:58 - 2017-07-12 12:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

2017-07-12 09:29 - 2017-07-25 10:10 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2017-07-12 09:29 - 2017-07-14 05:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater

2017-07-12 09:29 - 2017-07-14 05:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan

2017-07-12 09:29 - 2017-07-14 02:51 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab

2017-07-12 09:28 - 2017-07-14 02:39 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files

2017-07-12 06:53 - 2017-07-24 11:13 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2017-07-12 06:53 - 2017-07-24 09:49 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2017-07-12 06:53 - 2017-07-20 08:55 - 00000000 ____D C:\ProgramData\Malwarebytes

2017-07-12 06:53 - 2017-07-20 08:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2017-07-11 13:47 - 2017-07-14 06:25 - 00000000 ___DC C:\WINDOWS\Panther

2017-07-11 13:45 - 2017-07-14 09:28 - 00004565 _____ C:\VEW.txt

2017-07-11 09:24 - 2017-07-11 14:53 - 00010285 _____ C:\junk.txt

2017-07-11 04:04 - 2017-07-14 09:30 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys

2017-07-11 04:03 - 2017-07-14 05:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller

2017-07-11 04:03 - 2017-07-13 06:36 - 00000000 ____D C:\Program Files\RogueKiller

2017-07-11 04:03 - 2017-07-11 05:12 - 00000000 ____D C:\ProgramData\RogueKiller

2017-07-10 10:51 - 2017-07-10 10:51 - 00000000 ____D C:\Users\AirworxAZ\AppData\LocalLow\Adobe

2017-07-10 10:51 - 2017-07-10 10:51 - 00000000 ____D C:\Users\AirworxAZ\AppData\Local\Adobe

2017-07-10 10:36 - 2017-07-10 10:36 - 00000000 ____D C:\Users\AirworxAZ\AppData\Roaming\Macromedia

2017-07-10 10:31 - 2017-07-10 10:51 - 00000000 ____D C:\Users\AirworxAZ\AppData\Roaming\Adobe

2017-07-10 10:15 - 2017-07-14 05:47 - 00000000 ____D C:\Users\AirworxAZ\AppData\Local\Packages

2017-07-10 10:15 - 2017-07-10 10:15 - 00000000 ____D C:\Users\AirworxAZ\AppData\Roaming\Zeon

2017-07-10 10:14 - 2017-07-10 10:14 - 00000000 ____D C:\Users\AirworxAZ\AppData\Local\TileDataLayer

2017-07-10 10:14 - 2017-07-10 10:14 - 00000000 ____D C:\Users\AirworxAZ\AppData\Local\ConnectedDevicesPlatform

2017-07-10 10:14 - 2016-09-30 14:21 - 00000000 ____D C:\Users\AirworxAZ\Documents\hp.system.package.metadata

2017-07-10 10:14 - 2016-09-30 14:21 - 00000000 ____D C:\Users\AirworxAZ\Documents\hp.applications.package.appdata

2017-07-10 10:14 - 2016-09-30 14:21 - 00000000 ____D C:\Users\AirworxAZ\AppData\Local\Microsoft Help

2017-07-10 10:14 - 2016-09-30 14:21 - 00000000 ____D C:\Users\AirworxAZ\AppData\Local\Google

2017-07-10 09:38 - 2017-07-14 06:51 - 00002339 ____N C:\Users\AIRWORX 2\Desktop\Google Chrome.lnk

2017-07-10 07:25 - 2017-07-10 07:25 - 00195346 ____N C:\Users\AIRWORX 2\Documents\wu170509.diagcab

2017-07-10 07:16 - 2017-07-10 07:16 - 130903960 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MRT.exe

2017-07-10 06:58 - 2017-07-11 10:29 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

2017-07-10 04:54 - 2017-07-10 04:53 - 00009804 ____N C:\Users\AIRWORX 2\Documents\GatewaySettings.bin

2017-07-10 04:53 - 2017-07-10 04:53 - 00009804 ____N C:\Users\AIRWORX 2\Downloads\GatewaySettings.bin

2017-07-10 04:53 - 2017-07-10 04:53 - 00009804 ____N C:\Users\AIRWORX 2\Downloads\GatewaySettings (1).bin

2017-07-08 03:06 - 2017-07-08 03:06 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\GoToMeeting

2017-07-07 09:56 - 2017-07-10 06:17 - 14379154 ____N C:\Users\AIRWORX 2\Desktop\calls and txtsBook2.xlsx

2017-07-07 09:40 - 2017-07-06 14:49 - 10381776 ____N C:\Users\AIRWORX 2\Desktop\SMSBackup.xml

2017-07-07 09:40 - 2017-07-06 14:48 - 00229555 ____N C:\Users\AIRWORX 2\Desktop\CallLogBackup.xml

2017-07-07 09:34 - 2017-07-07 09:34 - 02066258 ____N C:\Users\AIRWORX 2\Downloads\Backup_Archive (1).zip

2017-07-07 09:31 - 2017-07-07 09:31 - 00190279 ____N C:\Users\AIRWORX 2\Documents\calls.txt

2017-07-07 09:29 - 2017-07-07 09:29 - 02052994 ____N C:\Users\AIRWORX 2\Downloads\Backup_20170627192522.zip

2017-07-07 09:29 - 2017-06-27 19:25 - 10333207 ____N C:\Users\AIRWORX 2\Downloads\SMSBackup.xml

2017-07-07 09:29 - 2017-06-27 19:25 - 00190279 ____N C:\Users\AIRWORX 2\Downloads\CallLogBackup.xml

2017-07-07 09:28 - 2017-07-07 09:28 - 02066258 ____N C:\Users\AIRWORX 2\Downloads\Backup_Archive.zip

2017-07-06 12:30 - 2017-07-06 12:30 - 00002603 _____ C:\Users\Public\Desktop\POS - Rock Gym Pro.lnk

2017-07-06 12:30 - 2017-07-06 12:30 - 00002603 _____ C:\Users\Public\Desktop\Data Entry - Rock Gym Pro.lnk

2017-07-06 11:46 - 2017-07-06 11:46 - 00002775 ____N C:\Users\AIRWORX 2\Downloads\images.jpeg

2017-06-30 10:07 - 2017-06-30 10:08 - 00318450 ____N C:\Users\AIRWORX 2\Documents\CallLogBackup.pdf

2017-06-29 14:34 - 2017-06-29 14:49 - 00024040 ____N C:\Users\AIRWORX 2\Documents\scan333.pdf

2017-06-29 10:44 - 2017-06-29 10:44 - 00000000 __SHD C:\found.000

2017-06-29 10:39 - 2017-06-29 10:39 - 00022330 ____N C:\Users\AIRWORX 2\Documents\support_chat_transcript_c6910346d48b4a6ea2b2f7e1f65f9d4d.txt

2017-06-29 10:02 - 2017-06-29 10:02 - 00000165 ____H C:\Users\AIRWORX 2\Documents\~$SmsBackup.xlsx

2017-06-29 10:02 - 2017-06-29 10:02 - 00000165 ____H C:\Users\AIRWORX 2\Documents\~$CallLogBackup.xlsx

2017-06-29 09:43 - 2017-06-29 09:44 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\.bomgartemp-d443567a9bbd939a6ce635dd5b61ef55-shl-screen_sharingcontextId-cs-2

2017-06-29 09:42 - 2017-06-29 09:43 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\.bomgartemp-d443567a9bbd939a6ce635dd5b61ef55-shl-screen_sharingcontextId-cs-1

2017-06-29 08:54 - 2017-06-29 09:44 - 00000000 ____D C:\CCSupport

2017-06-29 08:54 - 2017-06-29 08:55 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\.bomgartemp-d443567a9bbd939a6ce635dd5b61ef55-shl-screen_sharingcontextId-cs-0

2017-06-29 08:30 - 2017-06-29 08:31 - 00000000 _____ C:\Users\AIRWORX 2\AppData\Local\{3E1C46B4-AE1C-47D4-A253-B086FFB08406}

2017-06-29 08:28 - 2017-06-29 08:31 - 00000000 _____ C:\Users\AIRWORX 2\AppData\Local\{78ACC633-3A05-418D-841A-B650CBA92BFF}

2017-06-29 08:15 - 2017-06-29 08:15 - 00000000 _____ C:\Users\AIRWORX 2\AppData\Local\{A8386299-DD6B-4871-AC75-168430E1797F}

2017-06-29 08:14 - 2017-06-29 08:14 - 00000000 _____ C:\Users\AIRWORX 2\AppData\Local\{F4796B34-AD33-4594-B511-F95371E88EEA}

2017-06-29 08:14 - 2017-06-29 08:14 - 00000000 _____ C:\Users\AIRWORX 2\AppData\Local\{E908C560-4859-4F24-905D-9A65B1BE63E1}

2017-06-29 08:14 - 2017-06-29 08:14 - 00000000 _____ C:\Users\AIRWORX 2\AppData\Local\{E626A012-0E1A-494A-9AB8-0870767076F6}

2017-06-29 08:14 - 2017-06-29 08:14 - 00000000 _____ C:\Users\AIRWORX 2\AppData\Local\{89363267-36DC-427C-A99A-0AEA97994C65}

2017-06-29 08:14 - 2017-06-29 08:14 - 00000000 _____ C:\Users\AIRWORX 2\AppData\Local\{2A86C33F-824B-4295-8831-2FA8CE8A3C08}

2017-06-28 16:45 - 2017-07-21 02:08 - 00000372 _____ C:\WINDOWS\Tasks\HPCeeScheduleForAIRWORX 2.job

2017-06-27 16:06 - 2017-07-11 12:03 - 00000000 ____D C:\WINDOWS\pss

2017-06-27 14:40 - 2017-06-27 14:40 - 00000000 ____H C:\Users\AIRWORX 2\Documents\~WRL2295.tmp

2017-06-27 12:46 - 2017-06-27 12:55 - 00157872 ____N C:\Users\AIRWORX 2\Desktop\webmail.htm

2017-06-27 09:55 - 2017-06-27 09:55 - 01827895 ____N C:\Users\AIRWORX 2\Documents\Backup_2017-06-27 08-04-03.zip

2017-06-27 05:05 - 2017-06-27 05:05 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\Belkasoft

2017-06-27 05:02 - 2017-07-14 05:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkasoft Evidence Center Ultimate

2017-06-27 05:02 - 2017-06-27 05:02 - 00002244 _____ C:\Users\Public\Desktop\Belkasoft Evidence Center Ultimate.lnk

2017-06-27 05:02 - 2017-06-27 05:02 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\Belkasoft

2017-06-27 05:02 - 2017-06-27 05:02 - 00000000 ____D C:\ProgramData\Belkasoft

2017-06-27 05:01 - 2017-06-27 05:02 - 00000000 ____D C:\Program Files (x86)\Belkasoft Evidence Center Ultimate

2017-06-26 18:44 - 2017-06-26 18:44 - 00000000 _____ C:\Users\AIRWORX 2\AppData\Local\{A5A12D5E-AE8C-4443-9C77-6230BEBDBB88}

2017-06-26 13:56 - 2017-06-26 13:57 - 44060880 ____N (Microsoft Corporation) C:\Users\AIRWORX 2\Documents\Windows-KB890830-x64-V5.49.exe

2017-06-26 10:24 - 2017-06-26 10:25 - 06754944 ____N (ESET spol. s r.o.) C:\Users\AIRWORX 2\Documents\esetonlinescanner_enu.exe

2017-06-26 09:52 - 2017-06-28 07:52 - 00181160 _____ (ESET) C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys

2017-06-26 07:43 - 2017-07-10 06:49 - 00002065 _____ C:\Users\Public\Desktop\ESET Banking & Payment protection.lnk

2017-06-26 07:42 - 2017-07-14 05:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

2017-06-26 07:42 - 2017-06-26 07:42 - 00000000 ____D C:\ProgramData\ESET

2017-06-26 07:38 - 2017-06-26 07:40 - 120950400 ____N (ESET) C:\Users\AIRWORX 2\Documents\ess_nt64_enu.exe

2017-06-26 07:35 - 2017-06-26 07:36 - 114369664 ____N (ESET) C:\Users\AIRWORX 2\Documents\ess_nt32_enu.exe

2017-06-26 07:22 - 2017-06-26 07:22 - 00228669 ____N C:\Users\AIRWORX 2\Downloads\0,2817,2346862,00.asp

2017-06-26 07:22 - 2017-06-26 07:22 - 00165520 ____N C:\Users\AIRWORX 2\Downloads\download (2).htm

2017-06-26 07:22 - 2017-06-26 07:22 - 00029518 ____N C:\Users\AIRWORX 2\Downloads\hitmanpro.aspx

2017-06-26 07:22 - 2017-06-26 07:22 - 00005247 ____N C:\Users\AIRWORX 2\Downloads\download (3).htm

2017-06-26 07:22 - 2017-06-26 07:22 - 00000886 ____N C:\Users\AIRWORX 2\Downloads\downloadcsi.asp

2017-06-26 07:21 - 2017-06-26 07:22 - 00008705 ____N C:\Users\AIRWORX 2\Downloads\download (1).htm

2017-06-26 07:21 - 2017-06-26 07:21 - 00123745 ____N C:\Users\AIRWORX 2\Downloads\malicious-software-removal-tool-details.htm

2017-06-26 07:21 - 2017-06-26 07:21 - 00070351 ____N C:\Users\AIRWORX 2\Downloads\download.htm

2017-06-25 07:56 - 2017-06-25 07:56 - 00004425 ____N C:\Users\AIRWORX 2\Downloads\taxcard.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-25 09:32 - 2014-09-11 15:41 - 00000496 _____ C:\Users\AIRWORX 2\Desktop\ITSupport247 (3).website

2017-07-25 07:47 - 2014-04-18 14:27 - 00000000 ____D C:\Program Files (x86)\ASAP Utilities

2017-07-25 02:12 - 2017-03-18 14:03 - 00000000 ___HD C:\Program Files\WindowsApps

2017-07-25 02:12 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\AppReadiness

2017-07-24 11:13 - 2014-01-11 04:08 - 00227376 ____N C:\WINDOWS\Minidump\072417-27515-01.dmp

2017-07-24 11:00 - 2017-02-20 09:27 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\VERIZON

2017-07-24 10:10 - 2017-03-18 14:01 - 00000000 ____D C:\WINDOWS\INF

2017-07-24 10:10 - 2017-03-18 04:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM

2017-07-24 09:54 - 2013-10-14 16:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos

2017-07-24 09:48 - 2014-01-11 04:08 - 00228976 ____N C:\WINDOWS\Minidump\072417-35312-01.dmp

2017-07-24 09:48 - 2013-10-14 16:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2017-07-24 05:40 - 2014-10-29 11:50 - 00000000 ____D C:\Users\Public\Documents\CyberLink

2017-07-24 05:40 - 2013-10-14 16:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools

2017-07-24 05:40 - 2013-10-14 16:40 - 00000000 ____D C:\Program Files (x86)\CyberLink

2017-07-24 05:39 - 2013-10-14 16:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat

2017-07-24 04:57 - 2014-03-12 15:44 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\CrashDumps

2017-07-22 09:17 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\rescache

2017-07-22 08:15 - 2015-01-29 18:03 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\ElevatedDiagnostics

2017-07-22 07:14 - 2017-03-18 13:51 - 00000000 ____D C:\WINDOWS\CbsTemp

2017-07-21 12:08 - 2015-11-12 07:03 - 00000000 ____D C:\Program Files\Common Files\AV

2017-07-21 10:44 - 2014-06-19 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SurveillanceSystem

2017-07-21 02:07 - 2017-03-18 04:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI

2017-07-21 02:07 - 2016-07-01 17:30 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin

2017-07-20 10:51 - 2014-01-10 13:21 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\Packages

2017-07-20 06:51 - 2014-03-26 16:20 - 00000000 ___RD C:\Users\AIRWORX 2\Dropbox

2017-07-19 18:20 - 2014-03-06 03:09 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-07-19 09:59 - 2017-01-24 15:31 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2017-07-19 03:26 - 2014-06-19 09:37 - 00000000 ____D C:\Program Files (x86)\SurveillanceSystem

2017-07-19 02:41 - 2017-02-16 09:34 - 00000000 ___HD C:\DrFoneForAndroid

2017-07-18 22:47 - 2016-03-08 09:58 - 00000000 ____D C:\Users\AIRWORX 2\Documents\Outlook Files

2017-07-18 20:18 - 2015-07-30 12:30 - 00525312 _____ C:\Users\AIRWORX 2\Outlook.pst

2017-07-18 13:58 - 2014-03-12 15:25 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\.oit

2017-07-18 13:40 - 2014-11-12 15:43 - 00124551 ____H C:\Users\AIRWORX 2\Desktop\maxdesk.ini2

2017-07-18 13:40 - 2014-11-12 15:43 - 00008230 ____H C:\Users\AIRWORX 2\Desktop\PP11Thumbs.ptn2

2017-07-18 13:40 - 2014-09-04 12:53 - 00021516 ____H C:\Users\AIRWORX 2\Downloads\.ppinfocache

2017-07-18 13:39 - 2014-11-12 15:33 - 07196349 ____H C:\Users\AIRWORX 2\Desktop\PP11Thumbs.ptn

2017-07-18 13:27 - 2014-03-26 12:59 - 00042262 ____H C:\Users\AIRWORX 2\Documents\PP11Thumbs.ptn2

2017-07-18 11:25 - 2014-01-21 15:23 - 00000000 ___RD C:\Users\AIRWORX 2\Google Drive

2017-07-18 04:30 - 2015-04-20 17:06 - 00000000 __RDO C:\Users\AIRWORX 2\OneDrive

2017-07-18 04:26 - 2017-02-20 09:10 - 00001887 ____N C:\Users\AIRWORX 2\Desktop\Recuva.lnk

2017-07-18 04:26 - 2017-02-20 08:22 - 00000000 ____D C:\Program Files\Recuva

2017-07-18 04:25 - 2016-10-02 22:21 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\ConnectedDevicesPlatform

2017-07-18 03:55 - 2017-02-13 05:55 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2017-07-18 03:51 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

2017-07-17 03:43 - 2016-04-19 19:11 - 00000000 ____D C:\Users\AIRWORX 2\Desktop\Alarm Activity Formatted Download_files

2017-07-15 06:57 - 2016-07-02 19:55 - 00002424 _____ C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2017-07-15 03:54 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\appcompat

2017-07-14 10:51 - 2017-06-20 08:47 - 00000000 ____D C:\Program Files (x86)\LG Electronics

2017-07-14 10:47 - 2013-10-14 16:40 - 00000000 ____D C:\ProgramData\WildTangent

2017-07-14 10:47 - 2013-10-14 16:40 - 00000000 ____D C:\Program Files (x86)\WildTangent Games

2017-07-14 10:46 - 2014-08-04 13:01 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2017-07-14 10:40 - 2015-01-29 16:07 - 00000519 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

2017-07-14 06:50 - 2017-03-18 14:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2017-07-14 06:50 - 2016-04-26 23:39 - 00000000 __RHD C:\Users\Public\AccountPictures

2017-07-14 06:35 - 2017-03-18 14:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template

2017-07-14 06:32 - 2017-03-18 14:06 - 00000000 ____D C:\WINDOWS\Setup

2017-07-14 06:31 - 2017-03-18 14:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12

2017-07-14 06:31 - 2017-03-18 14:03 - 00000000 ___SD C:\WINDOWS\system32\F12

2017-07-14 06:31 - 2017-03-18 14:03 - 00000000 ___RD C:\Program Files\Windows Defender

2017-07-14 06:31 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\migwiz

2017-07-14 06:31 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\appraiser

2017-07-14 06:31 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\ShellExperiences

2017-07-14 06:31 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2017-07-14 06:31 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2017-07-14 06:31 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2017-07-14 06:24 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase

2017-07-14 06:23 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2017-07-14 06:23 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2017-07-14 06:23 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\Provisioning

2017-07-14 06:23 - 2017-03-18 04:40 - 00000000 ____D C:\WINDOWS\system32\Dism

2017-07-14 06:19 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated

2017-07-14 06:18 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\Registration

2017-07-14 06:14 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv

2017-07-14 06:14 - 2017-03-18 13:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe

2017-07-14 06:14 - 2017-03-18 13:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe

2017-07-14 06:14 - 2017-03-18 13:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll

2017-07-14 06:12 - 2017-03-18 19:31 - 00000000 ____D C:\WINDOWS\HoloShell

2017-07-14 06:12 - 2014-10-29 11:58 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat

2017-07-14 06:11 - 2017-03-18 14:03 - 00000000 __RHD C:\Users\Public\Libraries

2017-07-14 06:04 - 2014-07-02 11:24 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-07-14 06:02 - 2017-03-18 14:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2017-07-14 05:59 - 2017-06-13 19:20 - 00000000 ____D C:\WINDOWS\system32\UNP

2017-07-14 05:59 - 2017-05-10 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shutterfly Uploader

2017-07-14 05:59 - 2017-05-03 08:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Family Lawyer

2017-07-14 05:59 - 2017-04-21 05:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cox Cloud Drive

2017-07-14 05:59 - 2017-03-18 14:03 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files

2017-07-14 05:59 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\FxsTmp

2017-07-14 05:59 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\ModemLogs

2017-07-14 05:59 - 2017-03-17 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Escaperoom Software

2017-07-14 05:59 - 2017-03-16 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2017-07-14 05:59 - 2017-02-20 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva

2017-07-14 05:59 - 2017-01-03 09:39 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dahuatech Smart Player

2017-07-14 05:59 - 2016-12-21 09:20 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2017-07-14 05:59 - 2016-10-27 03:53 - 00000000 ____D C:\WINDOWS\system32\nn-NO

2017-07-14 05:59 - 2016-09-30 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2017-07-14 05:59 - 2016-05-12 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect

2017-07-14 05:59 - 2016-04-28 08:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2017-07-14 05:59 - 2016-04-26 23:20 - 00000000 ____D C:\WINDOWS\ShellNew

2017-07-14 05:59 - 2016-02-09 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TaxAct

2017-07-14 05:59 - 2015-06-08 09:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2017-07-14 05:59 - 2015-04-03 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother

2017-07-14 05:59 - 2014-12-30 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVIGenerator2.0

2017-07-14 05:59 - 2014-04-18 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASAP Utilities

2017-07-14 05:59 - 2014-03-13 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software

2017-07-14 05:59 - 2014-03-13 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan

2017-07-14 05:59 - 2014-03-12 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PDF Create 7

2017-07-14 05:59 - 2014-03-12 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 14

2017-07-14 05:59 - 2014-03-04 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2017-07-14 05:59 - 2014-03-04 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rock Gym Pro

2017-07-14 05:59 - 2013-10-14 16:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2017-07-14 05:59 - 2013-10-14 16:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support

2017-07-14 05:56 - 2015-10-29 23:28 - 00000000 ____D C:\Users\Default.migrated

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\spool

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\oobe

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\NDF

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\IME

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\et-EE

2017-07-14 05:52 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\system32\en-GB

2017-07-14 05:52 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared

2017-07-14 05:52 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared

2017-07-14 05:51 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2017-07-14 05:51 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\InputMethod

2017-07-14 05:51 - 2016-02-04 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital

2017-07-14 05:51 - 2014-03-04 12:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services

2017-07-14 05:50 - 2017-05-31 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

2017-07-14 05:50 - 2017-03-18 14:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2017-07-14 05:50 - 2014-03-13 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON

2017-07-14 05:50 - 2014-03-04 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL

2017-07-14 05:50 - 2013-10-14 16:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection

2017-07-14 05:49 - 2017-03-18 14:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv

2017-07-14 05:49 - 2013-08-22 08:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy

2017-07-14 05:47 - 2017-03-18 14:03 - 00000000 ____D C:\ProgramData\USOPrivate

2017-07-14 05:46 - 2013-04-03 17:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages

2017-07-14 05:44 - 2017-03-18 04:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep

2017-07-14 04:28 - 2014-03-04 16:20 - 00000000 ____D C:\ProgramData\Adobe

2017-07-14 03:46 - 2016-06-14 17:47 - 00199392 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys

2017-07-13 13:48 - 2015-10-19 12:01 - 00000000 ____D C:\Program Files (x86)\Dropbox

2017-07-11 14:08 - 2014-03-06 03:09 - 00000000 ____D C:\WINDOWS\system32\MRT

2017-07-11 12:11 - 2017-06-13 19:20 - 00000000 ____D C:\Program Files\UNP

2017-07-11 12:05 - 2015-07-13 07:14 - 00132848 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys

2017-07-10 15:42 - 2017-06-16 12:04 - 00000000 ____D C:\Users\AIRWORX 2\Desktop\Babe

2017-07-10 10:26 - 2017-02-16 07:35 - 00000000 ____D C:\Program Files (x86)\Wondershare

2017-07-10 06:42 - 2016-07-01 14:24 - 00000000 ____D C:\Windows10Upgrade

2017-07-10 06:30 - 2015-09-07 08:21 - 00000678 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2671885098-678752524-1400920573-1001.job

2017-07-10 06:30 - 2014-04-02 13:11 - 00000582 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2671885098-678752524-1400920573-1001.job

2017-07-07 10:46 - 2015-12-14 11:13 - 00113371 ____N C:\Users\AIRWORX 2\Desktop\Book2.xlsx

2017-07-06 12:30 - 2014-10-23 16:52 - 00002603 _____ C:\Users\Public\Desktop\Calendar - Rock Gym Pro.lnk

2017-07-06 12:30 - 2014-03-04 13:30 - 00002603 _____ C:\Users\Public\Desktop\CheckIn - Rock Gym Pro.lnk

2017-07-06 12:30 - 2014-03-04 13:30 - 00000000 ____D C:\Program Files (x86)\Rock Gym Pro

2017-07-03 15:04 - 2016-10-27 13:08 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\ThisLife

2017-06-30 07:47 - 2017-03-18 14:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2017-06-30 07:47 - 2017-03-18 14:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2017-06-29 14:49 - 2017-02-10 07:53 - 00003072 ___SH C:\Users\AIRWORX 2\Documents\PPMetaData.bin

2017-06-29 14:49 - 2014-03-26 13:01 - 00311230 ____H C:\Users\AIRWORX 2\Documents\.ppinfocache

2017-06-29 14:49 - 2014-03-26 12:59 - 00026319 ____H C:\Users\AIRWORX 2\Documents\maxdesk.ini2

2017-06-29 14:49 - 2014-03-26 12:57 - 33680638 ____H C:\Users\AIRWORX 2\Documents\PP11Thumbs.ptn

2017-06-28 02:52 - 2014-12-23 11:08 - 00000000 ____D C:\Program Files\ESET

2017-06-26 10:25 - 2014-03-04 13:12 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\ESET

2017-06-26 10:07 - 2014-03-04 13:12 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\ESET

2017-06-26 07:02 - 2014-12-30 17:01 - 00000000 ____D C:\Program Files (x86)\Video Client

2017-06-26 07:01 - 2013-10-14 16:54 - 00000000 ____D C:\Program Files (x86)\Windows Live

2017-06-26 06:59 - 2014-03-27 12:37 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\Windows Live

2017-06-26 06:58 - 2017-05-31 09:35 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\Samsung

2017-06-26 06:58 - 2017-05-31 09:35 - 00000000 ____D C:\Program Files (x86)\Samsung

2017-06-25 10:19 - 2014-05-28 14:16 - 00000000 ____D C:\Users\AIRWORX 2\AppData\Local\Google

==================== Files in the root of some directories =======

2015-04-01 09:26 - 2005-12-08 19:51 - 0000060 ____R () C:\Program Files (x86)\BRINST.INI

2017-04-14 06:58 - 2017-04-14 06:58 - 0000000 _____ () C:\Users\AIRWORX 2\AppData\Roaming\IVOPEN.$$$

2014-12-17 10:09 - 2014-12-17 10:10 - 0012962 _____ () C:\Users\AIRWORX 2\AppData\Roaming\Microsoft Excel 97-2003.CAL

2014-03-26 13:47 - 2017-05-22 04:36 - 0007607 _____ () C:\Users\AIRWORX 2\AppData\Local\resmon.resmoncfg

2017-06-29 08:14 - 2017-06-29 08:14 - 0000000 _____ () C:\Users\AIRWORX 2\AppData\Local\{2A86C33F-824B-4295-8831-2FA8CE8A3C08}

2017-06-29 08:30 - 2017-06-29 08:31 - 0000000 _____ () C:\Users\AIRWORX 2\AppData\Local\{3E1C46B4-AE1C-47D4-A253-B086FFB08406}

2017-06-29 08:28 - 2017-06-29 08:31 - 0000000 _____ () C:\Users\AIRWORX 2\AppData\Local\{78ACC633-3A05-418D-841A-B650CBA92BFF}

2017-06-29 08:14 - 2017-06-29 08:14 - 0000000 _____ () C:\Users\AIRWORX 2\AppData\Local\{89363267-36DC-427C-A99A-0AEA97994C65}

2017-06-26 18:44 - 2017-06-26 18:44 - 0000000 _____ () C:\Users\AIRWORX 2\AppData\Local\{A5A12D5E-AE8C-4443-9C77-6230BEBDBB88}

2017-06-29 08:15 - 2017-06-29 08:15 - 0000000 _____ () C:\Users\AIRWORX 2\AppData\Local\{A8386299-DD6B-4871-AC75-168430E1797F}

2017-06-29 08:14 - 2017-06-29 08:14 - 0000000 _____ () C:\Users\AIRWORX 2\AppData\Local\{E626A012-0E1A-494A-9AB8-0870767076F6}

2017-06-29 08:14 - 2017-06-29 08:14 - 0000000 _____ () C:\Users\AIRWORX 2\AppData\Local\{E908C560-4859-4F24-905D-9A65B1BE63E1}

2017-06-29 08:14 - 2017-06-29 08:14 - 0000000 _____ () C:\Users\AIRWORX 2\AppData\Local\{F4796B34-AD33-4594-B511-F95371E88EEA}

2015-12-09 12:34 - 2015-12-09 12:34 - 0000145 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

2014-03-24 15:02 - 2014-10-23 13:06 - 0000226 _____ () C:\ProgramData\RSUserCfg.ini

Files to move or delete:

====================

C:\Users\AIRWORX 2\ASAP_Utilities_5-2-1_HS_Setup.exe

C:\Users\AIRWORX 2\WDMyCloud_win.exe

Some files in TEMP:

====================

2017-07-24 09:42 - 2017-07-24 09:42 - 5146944 _____ (Seagate) C:\Users\AIRWORX 2\AppData\Local\Temp\6E330CFC-ACCF-452F-A6C9-1B82B0413B6D.exe

2017-07-14 09:29 - 2017-07-14 06:30 - 1930320 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\AppData\Local\Temp\dllnt_dump.dll

2017-07-18 17:38 - 2017-07-18 17:38 - 1503232 _____ () C:\Users\AIRWORX 2\AppData\Local\Temp\libmysqlinstanceconf.dll

2013-10-05 01:38 - 2013-10-05 01:38 - 0455328 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\AppData\Local\Temp\msvcp120.dll

2013-10-05 01:38 - 2013-10-05 01:38 - 0970912 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\AppData\Local\Temp\msvcr120.dll

2016-07-30 17:08 - 2016-07-30 17:08 - 3112960 _____ (Jason York) C:\Users\AIRWORX 2\AppData\Local\Temp\pc-decrapifier.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-24 07:20

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-07-2017

Ran by AIRWORX 2 (25-07-2017 16:01:16)

Running from C:\Users\AIRWORX 2\Desktop

Windows 10 Home Version 1703 (X64) (2017-07-14 13:25:55)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2671885098-678752524-1400920573-500 - Administrator - Disabled) => C:\Users\Administrator

AIRWORX 2 (S-1-5-21-2671885098-678752524-1400920573-1001 - Administrator - Enabled) => C:\Users\AIRWORX 2

AirworxAZ (S-1-5-21-2671885098-678752524-1400920573-1007 - Administrator - Enabled) => C:\Users\AirworxAZ

DefaultAccount (S-1-5-21-2671885098-678752524-1400920573-503 - Limited - Disabled)

Guest (S-1-5-21-2671885098-678752524-1400920573-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Total Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AV: ESET Smart Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}

AS: ESET Smart Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}

AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Kaspersky Total Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

FW: Kaspersky Total Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Photoshop Elements 4.0 (HKLM-x32\...\Adobe Photoshop Elements 4) (Version: 4.0 - Adobe Systems Inc.)

Adobe Reader XI (11.0.20) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)

Alcor Micro USB Card Reader Driver (HKLM-x32\...\{05E5AD66-7CD0-4719-A229-0D3A7A5240D2}) (Version: 20.22.2217.13862 - Alcor Micro Corp.) Hidden

Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.22.2217.13862 - Alcor Micro Corp.)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)

AMD Catalyst Install Manager (HKLM\...\{40959651-122E-1A16-9011-40629C01703F}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)

ASAP Utilities (HKLM-x32\...\ASAP Utilities_is1) (Version: 7.1 - Bastien Mensink - A Must in Every Office BV)

AVIGenerator2.0 2.0.0.3 (HKLM-x32\...\AVIGenerator2.0) (Version: 2.0.0.3 - )

Belkasoft Evidence Center Ultimate (HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\Belkasoft Evidence Center Ultimate) (Version: - )

Broderbund Family Lawyer (HKLM-x32\...\{ED95E1BA-8C35-4D78-8A20-FD5A728711E2}) (Version: 1.00.0000 - Bluecase) Hidden

Broderbund Family Lawyer (HKLM-x32\...\InstallShield_{ED95E1BA-8C35-4D78-8A20-FD5A728711E2}) (Version: 1.00.0000 - Bluecase)

Brother MFL-Pro Suite MFC-7860DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)

Cloud Drive (HKLM-x32\...\{F40EC703-6B64-4C2D-80BC-5ED2D8295C04}) (Version: 5.1.30.18 - Cox Secure Online Backup for Windows)

Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )

CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.3003 - CyberLink Corp.)

Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4608 - CyberLink Corp.)

CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3007 - CyberLink Corp.)

Drag and Drop Backup (HKLM-x32\...\{480EA68A-699D-450D-9869-2216AC49D23C}) (Version: 2.1.33 - Cox)

Dropbox (HKLM-x32\...\Dropbox) (Version: 30.4.22 - Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden

Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )

Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )

Escaperoom Software (HKLM-x32\...\{7BAA7E0D-9B92-4FE7-AEC8-F11EAE801922}) (Version: 3.1.0.0 - Escaperoom Software)

ESET Smart Security (HKLM\...\{2B587448-4CE3-4196-A237-A425E557F052}) (Version: 10.1.204.0 - ESET, spol. s r.o.)

Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)

Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden

Hewlett-Packard ACLM.NET v1.2.2.1 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden

HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)

HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6668.4491 - Hewlett-Packard)

HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.4.19.3 - Hewlett-Packard Company)

HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)

HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.7.27.15 - HP)

Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)

Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden

Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)

Kaspersky Security Scan (HKLM-x32\...\{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab) Hidden

Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)

Kaspersky Software Updater (HKLM-x32\...\{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab) Hidden

Kaspersky Software Updater (HKLM-x32\...\InstallWIX_{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab)

Kaspersky Total Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden

Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)

Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)

Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

MySQL Connector/ODBC 5.1 (HKLM-x32\...\{38CDEC3E-ABC4-4EB8-BE3B-2181A97813AE}) (Version: 5.1.12 - Oracle Corporation)

MySQL Server 5.0 (HKLM-x32\...\{97EFE060-CE35-4709-9B3A-5D3C8F686FED}) (Version: 5.0.90 - MySQL AB)

Nuance PaperPort 14 (HKLM-x32\...\{14CB3B82-FBDC-4462-919E-86147983F09B}) (Version: 14.5.0000 - Nuance Communications, Inc.)

Nuance PDF Create 7 (HKLM\...\{AAA715B7-02F9-4F2D-92C9-80EC63835AA1}) (Version: 7.10.6408 - Nuance Communications, Inc.)

Nuance PDF Create 7 (HKLM-x32\...\{AAA715B7-02F9-4F2D-92C9-80EC63835AA1}) (Version: 7.10.6408 - Nuance Communications, Inc.)

Nuance PDF Viewer Plus (HKLM-x32\...\{FC984E39-43D0-4AB2-ACC7-A7B87977B009}) (Version: 7.20.3274 - Nuance Communications, Inc.)

PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0001 - Nuance Communications, Inc.)

Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)

Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.6208 - CyberLink Corp.) Hidden

Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)

Rock Gym Pro (HKLM-x32\...\{827570FB-0E88-444C-ADBC-9E799571E292}) (Version: 1.1.21247 - RGP Development LLC)

RogueKiller version 12.11.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.6.0 - Adlice Software)

Scansoft PDF Create (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden

Seagate DiscWizard (HKLM-x32\...\{8FB2A014-A0B0-42D8-8E18-9AFC6A6E2814}) (Version: 13.0.14387 - Seagate)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)

Shutterfly Uploader (HKLM-x32\...\{CD928A00-1C70-4353-B9B9-7BC8600F3E43}) (Version: 2.9.0.737 - Shutterfly, Inc.)

Smart Player (HKLM-x32\...\Smart Player3.00.0) (Version: 3.00.0 - Zhejiang Dahua Technology Co.,LTD.)

Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden

Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)

SyncFileSetup (x86) (HKLM-x32\...\{04848A0A-02B1-4703-B15D-6E7DCF95FB84}) (Version: 1.3.5949.26210 - Western Digital Technologies, Inc) Hidden

TaxAct 2015 1040 Edition (HKLM-x32\...\TaxAct 2015 1040 Edition) (Version: 1.03 - TaxAct, Inc.)

TaxAct 2015 Arizona (HKLM-x32\...\TaxAct 2015 Arizona) (Version: 1.02 - TaxAct, Inc.)

TaxAct 2016 1040 Edition (HKLM-x32\...\TaxAct 2016 1040 Edition) (Version: 1.03 - TaxAct, Inc.)

WD Sync (HKLM-x32\...\{0d591303-bbc5-4645-a03b-1c3f75f1a762}) (Version: 1.3.5949.26210 - Western Digital Technologies, Inc.)

Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)

Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)

WorkForce GT-1500 Scanner Driver Update (HKLM-x32\...\{37D0F29D-AB95-4598-ACF0-D3CC38C161D9}) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2671885098-678752524-1400920573-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\AIRWORX 2\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll => No File

CustomCLSID: HKU\S-1-5-21-2671885098-678752524-1400920573-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\AIRWORX 2\AppData\Local\Citrix\GoToMeeting\1350\G2MOutlookAddin64.dll => No File

CustomCLSID: HKU\S-1-5-21-2671885098-678752524-1400920573-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\AIRWORX 2\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncApi64.dll => No File

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)

ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\AIRWORX 2\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\AIRWORX 2\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\AIRWORX 2\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\AIRWORX 2\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\AIRWORX 2\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\AIRWORX 2\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll -> No File

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)

ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)

ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ContextMenuHandlers01: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-07-11] (ESET)

ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)

ContextMenuHandlers01: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)

ContextMenuHandlers01: [WDSyncContextMenuHandler] -> {5A51BDCB-F8C2-4698-B79C-A77DF0AA466B} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)

ContextMenuHandlers01: [Zeon.MFCDirectShellExt] -> {353C642C-F13D-4699-9FF2-EFAF490B6C69} => C:\Program Files (x86)\Nuance\PDFCreate\bin\DirectShellExt.dll [2010-07-16] (Zeon International Investment Corp. )

ContextMenuHandlers02: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-07-11] (ESET)

ContextMenuHandlers02: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)

ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)

ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)

ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)

ContextMenuHandlers04: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)

ContextMenuHandlers04: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)

ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)

ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ContextMenuHandlers06: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-07-11] (ESET)

ContextMenuHandlers06: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-04-28] (AO Kaspersky Lab)

ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)

ContextMenuHandlers06: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)

ContextMenuHandlers06: [WDSyncContextMenuHandler] -> {5A51BDCB-F8C2-4698-B79C-A77DF0AA466B} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {005B78DE-9ECF-4C1D-85D3-6330FE864BA6} - System32\Tasks\GoogleUpdateTaskMachineCore1d040ece2e11a19 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {073958F3-8E5F-4CF7-8625-ABD15377481E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)

Task: {09A59663-C166-40BC-9600-B8CCE33DEE90} - System32\Tasks\HPCeeScheduleForAIRWORX 2 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

Task: {0A1E4A40-752E-425E-B7D0-0A0AE002C93C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {259AE203-7AAC-4A0D-93DD-5EB4EE090A28} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

Task: {264F49CB-3415-488D-B8DA-9F6F8BE48331} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)

Task: {2E84AC4F-16D2-4F2F-AF13-EF11260452E1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {2EE58945-C40B-43A8-A167-173E412D9D98} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf681e553bf8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe

Task: {37C32B19-9630-4A28-9E5A-8EA8CD06CFA2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-24] (Dropbox, Inc.)

Task: {438F072B-AAE9-40AF-AC57-02A64C04DE3D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {46064571-564C-4D46-9842-A167DDF1D942} - System32\Tasks\GoogleUpdateTaskMachineCore1d08f601e825b6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {4AE24562-AD31-4B90-9AE5-ED4C785E4F09} - System32\Tasks\G2MUpdateTask-S-1-5-21-2671885098-678752524-1400920573-1001 => C:\Users\AIRWORX 2\AppData\Local\Citrix\GoToMeeting\5530\g2mupdate.exe [2016-09-03] (Citrix Online, a division of Citrix Systems, Inc.)

Task: {4F1C7B6F-3451-443B-A7EA-F05EF590C939} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {4FD0925E-6E79-4BC0-A382-3D5CCA5C36B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-06-28] (HP Inc.)

Task: {56FA405C-914E-41DB-A1DA-640837A26134} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)

Task: {5DB34D0B-4B82-47F6-B06D-2D195446A83A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {70DBC4DD-6DE6-48DB-A77B-732338AD113D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)

Task: {73A54363-343D-4A5D-8AFB-7B6D321401D7} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)

Task: {78F037B8-98B7-4FB4-8208-86D30D156F8F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {7A8C073B-9921-4385-A061-FF8B5410A453} - System32\Tasks\{39393239-4118-43A9-9EF4-579F68CFC882} => C:\WINDOWS\system32\pcalua.exe -a C:\PROGRA~2\SAAZOD\Uninstall\uninstall.exe -c "/U:C:\PROGRA~2\SAAZOD\Uninstall\uninstall.xml"

Task: {8258540A-E194-4B1C-A446-B100E53A7B7B} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe

Task: {8A6CE6D2-BAFF-47BD-B636-5632FA76D78E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)

Task: {8EE60D19-E484-4EC5-87B6-BEB1AE19CF50} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8dc0ce6bb10d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {8F630B83-069D-434E-B4C4-59AD3C10A507} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

Task: {916845C6-0741-433C-AC62-C4B3A5F302DB} - System32\Tasks\S-1-5-21-2671885098-678752524-1400920573-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)

Task: {A06C2463-6FDA-437F-BFAC-91F03898B57C} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION

Task: {A7CF62C0-17A6-42AB-A10F-9A6C446B7B33} - System32\Tasks\G2MUploadTask-S-1-5-21-2671885098-678752524-1400920573-1001 => C:\Users\AIRWORX 2\AppData\Local\Citrix\GoToMeeting\5530\g2mupload.exe [2016-09-03] (Citrix Online, a division of Citrix Systems, Inc.)

Task: {ACE8B2E6-FDA5-4314-A2D5-4B96CC439AEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)

Task: {AF0278DE-91EC-48AE-BDAF-F7FE516AF428} - System32\Tasks\{32B26120-173E-4516-BA92-CE080FB3608E} => C:\WINDOWS\system32\pcalua.exe -a F:\Display_menu.exe -d F:\

Task: {B9FA1D84-F00D-445B-8400-F7C7E90DD53E} - System32\Tasks\RGP Backup => C:\Program Files (x86)\Rock Gym Pro\Backup.exe [2017-06-04] ()

Task: {CE775C70-F807-4E1F-891C-712F82A9408E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {D7E60E76-AB93-449D-99DB-17494EB2C958} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {E622463C-A190-4A30-A528-A6EF1AACE5FC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-24] (Dropbox, Inc.)

Task: {E6505B7C-6B08-451F-A300-AF1087B421C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2671885098-678752524-1400920573-1001.job => C:\Users\AIRWORX 2\AppData\Local\GoToMeeting\7297\g2mupdate.exe

Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2671885098-678752524-1400920573-1001.job => C:\Users\AIRWORX 2\AppData\Local\GoToMeeting\7297\g2mupload.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d040ece2e11a19.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08f601e825b6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\HPCeeScheduleForAIRWORX 2.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"

ShortcutWithArgument: C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

ShortcutWithArgument: C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\600fb694c0849943\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 9"

ShortcutWithArgument: C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Brandi - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) ==============

2014-05-15 13:29 - 2005-04-21 21:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll

2005-09-09 03:24 - 2005-09-09 03:24 - 00102400 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

2015-11-04 16:43 - 2015-11-04 16:43 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2017-07-20 08:55 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll

2017-03-18 13:58 - 2017-03-18 13:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll

2017-03-18 13:59 - 2017-03-18 19:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2017-06-26 19:32 - 2017-06-22 20:21 - 02692440 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\swiftshader\libglesv2.dll

2017-06-26 19:32 - 2017-06-22 20:21 - 00137048 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\swiftshader\libegl.dll

2017-06-08 02:07 - 2017-06-08 02:07 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-07-25 02:11 - 2017-07-25 02:11 - 10631168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll

2017-07-25 02:11 - 2017-07-25 02:11 - 02640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll

2017-07-12 08:25 - 2017-07-12 08:27 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

2017-07-12 08:25 - 2017-07-12 08:27 - 27590144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll

2017-07-12 08:25 - 2017-07-12 08:27 - 00428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll

2017-07-12 08:25 - 2017-07-12 08:27 - 20649984 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll

2017-07-12 08:25 - 2017-07-12 08:27 - 02305536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\MediaEngine.dll

2017-07-12 08:25 - 2017-07-12 08:27 - 02856448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll

2017-06-08 02:07 - 2017-06-08 02:07 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-06-14 12:21 - 2017-06-14 12:22 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll

2016-08-24 04:52 - 2016-08-24 04:53 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll

2017-07-12 08:25 - 2017-07-12 08:27 - 01127936 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll

2017-05-09 08:08 - 2017-05-09 08:08 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll

2016-11-26 23:42 - 2016-11-26 23:42 - 00332104 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\dblite.dll

2016-11-26 23:37 - 2016-11-26 23:37 - 00418512 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\ipm_service.dll

2014-12-11 17:40 - 2014-12-11 17:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll

2016-12-21 20:21 - 2016-12-21 20:21 - 45077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libcef.dll

2017-07-13 13:47 - 2017-07-12 12:58 - 00746816 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll

2017-07-13 13:47 - 2017-07-12 12:58 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll

2015-12-11 01:07 - 2017-07-12 12:58 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd

2015-12-11 01:07 - 2017-07-12 13:01 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 01862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd

2017-07-13 13:47 - 2017-07-12 12:58 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd

2017-07-13 13:47 - 2017-07-12 12:58 - 00020432 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd

2017-07-13 13:47 - 2017-07-12 12:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll

2015-12-11 01:07 - 2017-07-12 12:58 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd

2016-08-06 10:17 - 2017-07-12 13:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 00062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 00040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd

2017-07-13 13:47 - 2017-07-12 12:58 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll

2017-07-13 13:47 - 2017-07-12 12:58 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd

2015-12-11 01:07 - 2017-07-12 13:01 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd

2016-08-06 10:17 - 2017-07-12 13:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd

2017-05-17 12:53 - 2017-07-12 13:01 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd

2015-12-11 01:07 - 2017-07-12 13:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd

2017-02-24 11:41 - 2017-07-12 13:01 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd

2017-01-23 12:26 - 2017-07-12 13:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd

2016-04-15 15:18 - 2017-07-12 13:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd

2017-01-23 12:26 - 2017-07-12 13:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd

2017-01-23 12:26 - 2017-07-12 13:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd

2017-01-23 12:26 - 2017-07-12 13:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd

2016-02-25 12:07 - 2017-07-12 13:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd

2017-07-13 13:47 - 2017-07-12 12:58 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll

2017-07-13 13:47 - 2017-07-12 12:59 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd

2017-07-13 13:47 - 2017-07-12 12:58 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll

2017-07-13 13:47 - 2017-07-12 12:59 - 00181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL

2016-07-28 16:09 - 2017-07-12 13:01 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 00024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll

2017-07-13 13:47 - 2017-07-12 12:59 - 01637688 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll

2016-08-06 10:17 - 2017-07-12 13:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd

2017-04-07 11:59 - 2017-07-12 13:01 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd

2015-10-19 12:08 - 2017-07-12 12:58 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll

2016-12-21 20:21 - 2016-12-21 20:21 - 01650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libglesv2.dll

2016-12-21 20:21 - 2016-12-21 20:21 - 00082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\AIRWORX 2\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper

DNS Servers: 68.105.28.11 - 68.105.29.11

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: CDPUserSvc_492c3 => 2

MSCONFIG\Services: CDPUserSvc_5d4d8 => 2

MSCONFIG\Services: GoToAssist => 3

MSCONFIG\Services: MessagingService_492c3 => 3

MSCONFIG\Services: MessagingService_5d4d8 => 3

MSCONFIG\Services: OneSyncSvc_492c3 => 2

MSCONFIG\Services: OneSyncSvc_5d4d8 => 2

HKLM\...\StartupApproved\StartupFolder: => "BackupRemind.lnk"

HKLM\...\StartupApproved\StartupFolder: => "Cox Cloud Drive.lnk"

HKLM\...\StartupApproved\Run: => "SysTrayApp"

HKLM\...\StartupApproved\Run: => "BeatsOSDApp"

HKLM\...\StartupApproved\Run: => "Lathem.USBTM.UI"

HKLM\...\StartupApproved\Run: => "Seagate Scheduler2 Service"

HKLM\...\StartupApproved\Run32: => "StartCCC"

HKLM\...\StartupApproved\Run32: => "Adobe ARM"

HKLM\...\StartupApproved\Run32: => "ISUSPM"

HKLM\...\StartupApproved\Run32: => "PPort14reminder"

HKLM\...\StartupApproved\Run32: => "IndexSearch"

HKLM\...\StartupApproved\Run32: => "PaperPort PTD"

HKLM\...\StartupApproved\Run32: => "PDFCreHook"

HKLM\...\StartupApproved\Run32: => "PDFProHook"

HKLM\...\StartupApproved\Run32: => "PDF7 Registry Controller"

HKLM\...\StartupApproved\Run32: => "EEventManager"

HKLM\...\StartupApproved\Run32: => "Adobe Photo Downloader"

HKLM\...\StartupApproved\Run32: => "ControlCenter4"

HKLM\...\StartupApproved\Run32: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "DiscWizardMonitor.exe"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "Vault Explorer Cache Watcher"

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\StartupApproved\StartupFolder: => "Verizon Wireless Software Utility Application for Android – Samsung.lnk"

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\StartupApproved\Run: => "SmartSwitchPDLR.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{00AA2407-5CF7-47A5-9DDD-F424A5691F7F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

FirewallRules: [{97357220-4D2F-4FFD-8DC2-EE30F08F979A}] => (Allow) %systemroot%\system32\alg.exe

FirewallRules: [{76B00221-8ED9-44B4-A9A8-180AA9701989}] => (Allow) %systemroot%\system32\alg.exe

FirewallRules: [{57CE1D01-0DD4-4864-9D49-CCD8D0024DB5}] => (Allow) %systemroot%\system32\alg.exe

FirewallRules: [{2042F16E-3442-4D60-B82C-3EBE56757C77}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [UDP Query User{13D4495E-1B20-4E5F-BB5C-A466C9AF6EB6}C:\program files (x86)\escaperoom software\escaperoom.exe] => (Allow) C:\program files (x86)\escaperoom software\escaperoom.exe

FirewallRules: [TCP Query User{A1B22892-C13F-42B1-8B86-AEBC5293F339}C:\program files (x86)\escaperoom software\escaperoom.exe] => (Allow) C:\program files (x86)\escaperoom software\escaperoom.exe

FirewallRules: [{F86D4BC7-A6B7-4C8C-A170-9513779233C6}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe

FirewallRules: [{6C601AEC-C783-4F4C-9EE1-47CAA6B853EF}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe

FirewallRules: [{50984AD4-0142-46A0-A1BA-A911B0EC88FD}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe

FirewallRules: [UDP Query User{8E8846C5-505D-4C71-8E8C-191B20CE8CC1}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe

FirewallRules: [TCP Query User{52A14CC1-81FA-4EE6-B8DE-2CACF81CFFC6}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe

FirewallRules: [{C3205BCA-4BA3-41FC-AA89-9CB74ED73D31}] => (Allow) LPort=3306

FirewallRules: [{6E8725CD-1AF4-456C-95BE-7433E0345F7E}] => (Allow) LPort=9158

FirewallRules: [{543FD946-F6B3-40D9-9BBF-ACCF81C0236F}] => (Allow) LPort=9158

FirewallRules: [{2956BC6B-6623-4958-A14F-5E00BC677ABF}] => (Allow) LPort=9157

FirewallRules: [{8A44508B-F996-4654-837E-DAB5F21218A1}] => (Allow) LPort=9157

FirewallRules: [{5437C8FE-5F22-46EC-B6B2-0B5AB952D957}] => (Allow) LPort=9156

FirewallRules: [{C2CED3BA-1EF3-4A52-B85B-6A2C09B4735A}] => (Allow) LPort=9156

FirewallRules: [{9CE3BD30-DCEF-46F5-A6ED-18A72FDBA743}] => (Allow) F:\PayClock.msi

FirewallRules: [{D2A228E4-87A0-41F2-8492-E05EDA4722EF}] => (Allow) F:\PayClock.msi

FirewallRules: [{0CCAB027-1E9B-46F0-87B7-5F4E8B60C6FC}] => (Allow) F:\PayClockInstaller.exe

FirewallRules: [{C88BD0D7-5FE7-444C-AD90-A5D04A20DE32}] => (Allow) F:\PayClockInstaller.exe

FirewallRules: [{F6DCAE84-2BCF-4B40-9981-5766F41C4BAA}] => (Allow) LPort=9158

FirewallRules: [{29DAB202-4C52-4BA9-BD9B-FBB66BFE4FAF}] => (Allow) LPort=9158

FirewallRules: [{9DE5CCA7-5467-497F-8EB6-CFF0F22D8764}] => (Allow) LPort=9157

FirewallRules: [{A3C86F44-8286-42C0-A02E-B6338B0F2D39}] => (Allow) LPort=9157

FirewallRules: [{1C209DE4-FE08-436D-94BA-E53EE4D90DC0}] => (Allow) LPort=9156

FirewallRules: [{E94B8338-1446-4CB1-A308-71B8E309A6D4}] => (Allow) LPort=9156

FirewallRules: [{3FB4674A-0747-4F9B-AB77-6BA7352B143C}] => (Allow) F:\PayClock.msi

FirewallRules: [{461F524A-493F-40ED-95E3-8EE4AB1CB731}] => (Allow) F:\PayClock.msi

FirewallRules: [{6A610D4B-D3E3-4498-AFD1-0FCB8D9A127F}] => (Allow) F:\PayClockInstaller.exe

FirewallRules: [{F85989A3-85BC-4C4B-82F9-1C84A5776FDE}] => (Allow) F:\PayClockInstaller.exe

FirewallRules: [{6607E655-6A17-4AEB-9CF3-D2F10926B44A}] => (Allow) C:\Users\AIRWORX 2\AppData\Local\Microsoft\OneDrive\OneDrive.exe

FirewallRules: [{A318E63F-3B16-4801-9A52-8B4EF2D8CBF2}] => (Allow) LPort=54925

FirewallRules: [{59577291-5221-4BDA-BA72-221D3ABCEF98}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe

FirewallRules: [{D28E8D57-6792-4E93-B3C2-F4A80976A2B9}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe

FirewallRules: [{E4860DBD-DEE5-4EA8-A8C1-AD6BD8BEAD6E}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe

FirewallRules: [{82544E8E-2A02-40DA-8F04-ED87E9486D8B}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe

FirewallRules: [{6A3DD6EE-BED5-4AD1-914E-140E9866E1F6}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe

FirewallRules: [{83B9CC3B-B79F-4C88-8D43-C8F3688F8D6C}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe

FirewallRules: [{3C4B403A-085B-4A2C-8D80-C00DBEC9724B}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe

FirewallRules: [{8665DBEC-6D37-4A9B-9101-D2CAC7461032}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe

FirewallRules: [{E54DD560-4B3D-4D46-BCCE-AA81477764BF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{1E1FA9F8-B6FA-4E19-BCC7-036EC3CF76E7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{B542B111-518D-4929-A9BE-87750DC19803}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{37B1CC24-7FE3-4E38-A0BB-779278DD3824}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{631897A6-FD9C-4FDB-A1EF-BE752E9D1AEF}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE

FirewallRules: [{A8F82A93-7DDC-4A37-B9F0-2246585ABAE8}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe

FirewallRules: [{AB24DE43-BA75-4A2C-BE62-50EC8A6E71CA}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe

FirewallRules: [{04B1FBED-801F-4783-AC19-44912DC3B82A}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe

FirewallRules: [{3F3018C7-7AB1-4BB7-8451-CF1337B3E27F}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe

FirewallRules: [{9B100BC8-9E14-4408-884D-571C33BF4424}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe

FirewallRules: [{35652560-AE8B-4178-B991-B3BAC7F69C8A}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe

FirewallRules: [{4C55D636-1062-42F2-83E0-88F52AC05F10}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

FirewallRules: [{929B0F01-026B-4E9C-9C9F-034A6A3DF20E}] => (Allow) LPort=3306

FirewallRules: [{0FE1E20F-FA13-4A99-9282-E018DFB376A7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{2BB9BD43-1798-4BA0-ADC5-65DED0EA0609}] => (Allow) LPort=2869

FirewallRules: [{20796F92-7CAA-439B-BDBC-424E5856A4B8}] => (Allow) LPort=1900

FirewallRules: [{7683262D-2F71-4302-A78C-09531E02C619}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe

FirewallRules: [{0AF54D7F-6D16-45D1-B795-D5E09C279A94}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe

FirewallRules: [{B5519C34-E5E2-4002-BC5C-43764B8FE077}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe

FirewallRules: [{D0AF0B79-A58E-4981-AE18-493996ED77D1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe

FirewallRules: [{506FBEB2-08E3-4748-AA99-035C39352EC2}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe

FirewallRules: [{94B15C71-D0F4-4920-92AA-CFB64A40F500}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe

FirewallRules: [{68E02351-34A3-4E1C-B584-1408332366E9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe

FirewallRules: [{40460E99-D235-4736-A77C-629162D4C564}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe

FirewallRules: [{DF41382D-7C4B-452D-95F1-8086F0DAC591}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{DC1F597B-7AF8-4E42-800A-A1D016805D6B}] => (Allow) C:\Users\AIRWORX 2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

==================== Restore Points =========================

22-07-2017 10:05:24 Scheduled Checkpoint

24-07-2017 05:38:54 Removed Pinger

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (07/25/2017 04:01:47 PM) (Source: MySQL) (EventID: 100) (User: )

Description: Aborting

For more information, see Help and Support Center at http://www.mysql.com.

Error: (07/25/2017 04:01:47 PM) (Source: MySQL) (EventID: 100) (User: )

Description: Default storage engine (InnoDB) is not available

For more information, see Help and Support Center at http://www.mysql.com.

Error: (07/25/2017 04:00:46 PM) (Source: MySQL) (EventID: 100) (User: )

Description: Aborting

For more information, see Help and Support Center at http://www.mysql.com.

Error: (07/25/2017 04:00:46 PM) (Source: MySQL) (EventID: 100) (User: )

Description: Default storage engine (InnoDB) is not available

For more information, see Help and Support Center at http://www.mysql.com.

Error: (07/25/2017 03:59:45 PM) (Source: MySQL) (EventID: 100) (User: )

Description: Aborting

For more information, see Help and Support Center at http://www.mysql.com.

Error: (07/25/2017 03:59:45 PM) (Source: MySQL) (EventID: 100) (User: )

Description: Default storage engine (InnoDB) is not available

For more information, see Help and Support Center at http://www.mysql.com.

Error: (07/25/2017 03:58:44 PM) (Source: MySQL) (EventID: 100) (User: )

Description: Aborting

For more information, see Help and Support Center at http://www.mysql.com.

Error: (07/25/2017 03:58:44 PM) (Source: MySQL) (EventID: 100) (User: )

Description: Default storage engine (InnoDB) is not available

For more information, see Help and Support Center at http://www.mysql.com.

Error: (07/25/2017 03:57:43 PM) (Source: MySQL) (EventID: 100) (User: )

Description: Aborting

For more information, see Help and Support Center at http://www.mysql.com.

Error: (07/25/2017 03:57:43 PM) (Source: MySQL) (EventID: 100) (User: )

Description: Default storage engine (InnoDB) is not available

For more information, see Help and Support Center at http://www.mysql.com.

System errors:

=============

Error: (07/25/2017 04:01:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The MySQL service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/25/2017 04:00:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The MySQL service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/25/2017 03:59:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The MySQL service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/25/2017 03:58:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The MySQL service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/25/2017 03:57:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The MySQL service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/25/2017 03:56:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The MySQL service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/25/2017 03:55:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The MySQL service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/25/2017 03:54:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The MySQL service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/25/2017 03:53:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The MySQL service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/25/2017 03:52:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The MySQL service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

CodeIntegrity:

===================================

Date: 2017-07-25 09:36:57.818

Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-07-22 08:16:34.782

Date: 2017-07-20 11:50:46.923

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\WINDOWS\SysWOW64\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-07-20 11:50:46.909

Date: 2017-07-20 11:50:46.897

Date: 2017-07-20 11:50:46.881

Date: 2017-07-20 07:27:38.520

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ProgramData\ESET\ESET Security\updfiles\base_nonnups\nod74BB.dll.nup.raw because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-07-20 07:27:38.159

Date: 2017-07-20 07:27:37.843

Date: 2017-07-20 07:27:37.450

==================== Memory info ===========================

Processor: AMD A8-6500 APU with Radeon™ HD Graphics

Percentage of memory in use: 50%

Total physical RAM: 7365.48 MB

Available physical RAM: 3663.88 MB

Total Virtual: 8160.64 MB

Available Virtual: 3137.36 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1842.47 GB) (Free:1688.11 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive d: (Recovery Image) (Fixed) (Total:18.63 GB) (Free:2.32 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive e: (New Volume) (Fixed) (Total:298.09 GB) (Free:109.93 GB) NTFS

Drive g: (TOSHIBA) (Removable) (Total:14.89 GB) (Free:6.94 GB) FAT32

Drive i: () (Removable) (Total:59.47 GB) (Free:59.47 GB) exFAT

Drive m: (TOSHIBA) (Removable) (Total:14.88 GB) (Free:11.37 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 1863 GB) (Disk ID: 8834CD72)

Partition: GPT.

========================================================

Disk: 1 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 497B7DD2)

Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================

Disk: 2 (MBR Code: Windows 7 or 8) (Size: 59.5 GB) (Disk ID: 5D64B022)

Partition 1: (Active) - (Size=59.5 GB) - (Type=07 NTFS)

========================================================

Disk: 3 (MBR Code: Windows XP) (Size: 14.9 GB) (Disk ID: C3072E18)

Partition 1: (Active) - (Size=14.9 GB) - (Type=0C)

========================================================

Disk: 4 (MBR Code: Windows XP) (Size: 14.9 GB) (Disk ID: C3072E18)

Partition 1: (Active) - (Size=14.9 GB) - (Type=0C)

==================== End of Addition.txt ============================

#59
BrandiCopas

Posted 26 July 2017 - 03:16 AM

Member

Topic Starter
Member
79 posts