Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Admin tools all unavailable, seemingly fake dropbox and a few other pr

Started by BrandiCopas , Jul 11 2017 06:52 AM

Malware unknown virus

Page 5 of 8
3
4
5
6
7

Please log in to reply

#61
RKinner

Posted 26 July 2017 - 07:29 AM

Malware Expert

Expert
24,731 posts

Only thing I see about SQL is:

Error: (07/25/2017 03:59:45 PM) (Source: MySQL) (EventID: 100) (User: )

Description: Default storage engine (InnoDB) is not available

Also you are running a very old 32 bit version:

MySQL Server 5.0 (HKLM-x32...

a newer one might work better.

#62
BrandiCopas

Posted 27 July 2017 - 10:38 AM

Member

Topic Starter
Member
79 posts

Good morning, Attached is a scan report from this morning. It found over 3000 bad files if I understand it correctly?

RogueKiller V12.11.8.0 (x64) [Jul 24 2017] (Premium) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.co...ad/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.15063) 64 bits version
Started in : Normal mode
User : AIRWORX 2 [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 07/27/2017 07:44:39 (Duration : 01:46:50)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2671885098-678752524-1400920573-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Replaced (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2671885098-678752524-1400920573-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Replaced (1)

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 2 ¤¤¤
[File.Forged][File] C:\Windows\System32\drivers\ks.sys -> Replaced at reboot ( @Src C:\Users\AIRWORX 2\AppData\Local\Temp\snack\ks.sys)
[File.Forged][File] C:\Windows\System32\drivers\nwifi.sys -> Replaced at reboot ( @Src C:\Users\AIRWORX 2\AppData\Local\Temp\snack\nwifi.sys)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 3371 (Driver: Loaded) ¤¤¤
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_CREATE[0] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff804dbcd44e0
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_CLOSE[2] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff804dbcd44e0
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_READ[3] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff804dbcd44e0
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_WRITE[4] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff804dbcd44e0
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_FLUSH_BUFFERS[9] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff804dbcd44e0
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_DEVICE_CONTROL[14] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff804dbcd44e0
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff804dbcd44e0
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff804dbcd44e0
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_CLEANUP[18] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_POWER[22] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff804dbcd44e0
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SYSTEM_CONTROL[23] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff804dbcd44e0
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\disk - IRP_MJ_PNP[27] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff804dbcd44e0
[IRP:Addr(Microsoft)] \Driver\disk - DriverUnload[29] : C:\Windows\System32\drivers\Classpnp.sys @ 0xfffff804dbd1dd80
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_CREATE_NAMED_PIPE[1] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_WRITE[4] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_QUERY_INFORMATION[5] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_SET_INFORMATION[6] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_QUERY_EA[7] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_SET_EA[8] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_QUERY_VOLUME_INFORMATION[10] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_SET_VOLUME_INFORMATION[11] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_DIRECTORY_CONTROL[12] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_FILE_SYSTEM_CONTROL[13] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_SHUTDOWN[16] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_LOCK_CONTROL[17] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_CREATE_MAILSLOT[19] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_QUERY_SECURITY[20] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_SET_SECURITY[21] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_DEVICE_CHANGE[24] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_QUERY_QUOTA[25] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IRP:Addr(Microsoft)] \Driver\kbdclass - IRP_MJ_SET_QUOTA[26] : C:\Windows\System32\ntoskrnl.exe @ 0xfffff80361711a40
[IAT:Addr] (explorer.exe) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (explorer.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (explorer.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ appresolver.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ SndVolSSO.DLL) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ oleacc.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ explorerframe.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (explorer.exe @ HPSFTaskbar.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ HPSFTaskbar.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ HPSFTaskbar.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (explorer.exe @ HPSFTaskbar.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ HPSFTaskbar.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (explorer.exe @ HPSFTaskbar.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ HPSFTaskbar.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ HPSFTaskbar.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ HPSFTaskbar.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ HPSFTaskbar.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ twinui.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (explorer.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ Windows.UI.Immersive.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Microsoft)] (explorer.exe @ AboveLockAppHost.dll) kernel32!GetSystemAppDataKey : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda087380
[IAT:Addr(Microsoft)] (explorer.exe @ AboveLockAppHost.dll) kernel32!OpenStateExplicit : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086f20
[IAT:Addr(Microsoft)] (explorer.exe @ AboveLockAppHost.dll) kernel32!CloseState : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086f90
[IAT:Addr(Microsoft)] (explorer.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (explorer.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (explorer.exe @ mscoree.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ mscoreei.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ mscoreei.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1bad30
[IAT:Addr] (explorer.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!GetCurrentProcessorNumber : C:\Windows\System32\ntdll.dll @ 0x7ffcdd2199c0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b3770
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b09e0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!FlushProcessWriteBuffers : C:\Windows\System32\ntdll.dll @ 0x7ffcdd216fa0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (explorer.exe @ clr.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc7f0
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cd000
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1bad30
[IAT:Addr] (explorer.exe @ clr.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cb3f0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ MSVCR120_CLR0400.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr(Microsoft)] (explorer.exe @ aticfx64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (explorer.exe @ aticfx64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (explorer.exe @ atiuxp64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ atiuxp64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr(Microsoft)] (explorer.exe @ atidxx64.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr(Microsoft)] (explorer.exe @ atidxx64.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ atidxx64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1bad30
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cd000
[IAT:Addr] (explorer.exe @ atidxx64.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cb3f0
[IAT:Addr] (explorer.exe @ clrjit.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cd000
[IAT:Addr] (explorer.exe @ clrjit.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1bad30
[IAT:Addr] (explorer.exe @ clrjit.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc7f0
[IAT:Addr] (explorer.exe @ clrjit.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ clrjit.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ stobject.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Microsoft)] (explorer.exe @ InputSwitch.dll) kernel32!FindPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda085590
[IAT:Addr] (explorer.exe @ InputSwitch.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (explorer.exe @ ieframe.dll) kernel32!FindFirstStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda14f2b0
[IAT:Addr(Microsoft)] (explorer.exe @ ieframe.dll) kernel32!FindNextStreamW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda14f660
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (explorer.exe @ ieframe.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SubmitThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1957d0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolWork : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b1000
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr(Microsoft)] (explorer.exe @ ieframe.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c7430
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!WaitForThreadpoolWorkCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f2a10
[IAT:Addr(Microsoft)] (explorer.exe @ ieframe.dll) kernel32!GetPackagesByPackageFamily : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0845a0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b3770
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b09e0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ ieframe.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ ieframe.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1baa10
[IAT:Addr] (explorer.exe @ ieframe.dll) advapi32!EventWriteEx : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cb3a0
[IAT:Addr] (explorer.exe @ ieframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Microsoft)] (explorer.exe @ DeviceSetupManagerAPI.dll) kernel32!PackageFamilyNameFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b580
[IAT:Addr] (explorer.exe @ DXP.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ GdiPlus.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (explorer.exe @ Actioncenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ msi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ msi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cbd00
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ wpdshserviceobj.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Microsoft)] (explorer.exe @ PortableDeviceApi.dll) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr] (explorer.exe @ FXSST.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ FXSST.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ FXSST.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Microsoft)] (explorer.exe @ FXSST.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (explorer.exe @ FXSAPI.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ FXSAPI.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ FXSAPI.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ FXSAPI.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ FXSAPI.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ FXSAPI.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ FXSAPI.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr] (explorer.exe @ FXSAPI.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (explorer.exe @ FXSAPI.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (explorer.exe @ FXSAPI.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (explorer.exe @ FXSAPI.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (explorer.exe @ FXSAPI.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cbd00
[IAT:Addr] (explorer.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (explorer.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr] (explorer.exe @ SettingMonitor.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ pnidui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ DropboxExt64.17.0.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ DropboxExt64.17.0.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ DropboxExt64.17.0.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ DropboxExt64.17.0.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ DropboxExt64.17.0.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (explorer.exe @ DropboxExt64.17.0.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ DropboxExt64.17.0.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ DropboxExt64.17.0.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ DropboxExt64.17.0.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ bthprops.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ srchadmin.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ davclnt.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ davhlpr.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr(Microsoft)] (explorer.exe @ SyncCenter.dll) kernel32!SetWaitableTimerEx : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c7430
[IAT:Addr] (explorer.exe @ SyncCenter.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (explorer.exe @ imapi2.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cbd00
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ imapi2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ hgcpl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ duser.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (explorer.exe @ shellex.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ shellex.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ shellex.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ shellex.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ shellex.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ shellex.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ shellex.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ msvcp100.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ msvcp100.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ msvcp100.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ msvcp100.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ msvcp100.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ msvcp100.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ msvcr100.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ remote_eka_prague_loader.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ remote_eka_prague_loader.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ remote_eka_prague_loader.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ remote_eka_prague_loader.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ remote_eka_prague_loader.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ remote_eka_prague_loader.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ remote_eka_prague_loader.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ remote_eka_prague_loader.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ remote_eka_prague_loader.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ prremote.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ prremote.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ prremote.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ prremote.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ prremote.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ prremote.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ prremote.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ prcore.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ prcore.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ prcore.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ prcore.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ prcore.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ prcore.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ prcore.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ prcore.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ prcore.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ kl_service.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ kl_service.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ kl_service.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (explorer.exe @ kl_service.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ kl_service.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ kl_service.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ kl_service.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ kl_service.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ kl_service.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ pxstub.ppl) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ pxstub.ppl) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ params.ppl) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ params.ppl) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ params.ppl) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ product_info.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ product_info.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ product_info.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ product_info.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ product_info.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ product_info.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ product_info.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ product_info.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ product_info.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ product_metainfo.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ product_metainfo.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ product_metainfo.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ product_metainfo.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ product_metainfo.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ product_metainfo.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ product_metainfo.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ wscapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ wscui.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ wscui.cpl) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1bad30
[IAT:Addr] (explorer.exe @ wscui.cpl) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cd000
[IAT:Addr] (explorer.exe @ wscui.cpl) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc7f0
[IAT:Addr] (explorer.exe @ wscui.cpl) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1baa10
[IAT:Addr] (explorer.exe @ NPSMDesktopProvider.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ IconCodecService.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cbd00
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (explorer.exe @ wpfgfx_v0400.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (explorer.exe @ MSVCP120_CLR0400.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ MSVCP120_CLR0400.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ MSVCP120_CLR0400.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ MSVCP120_CLR0400.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ MSVCP120_CLR0400.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ PresentationNative_v0400.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ PresentationNative_v0400.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (explorer.exe @ PresentationNative_v0400.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ PresentationNative_v0400.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ PresentationNative_v0400.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ PresentationNative_v0400.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ PresentationNative_v0400.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ PresentationNative_v0400.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ PresentationNative_v0400.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ dui70.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ tiptsf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc7f0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1baa10
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1bad30
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cd000
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (explorer.exe @ UIRibbon.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) gdi32!ScriptBreak : C:\Windows\System32\gdi32full.dll @ 0x7ffcda394fa0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) gdi32!ScriptItemize : C:\Windows\System32\gdi32full.dll @ 0x7ffcda3afb10
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Microsoft)] (explorer.exe @ UIRibbon.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (explorer.exe @ UIRibbon.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr(Microsoft)] (explorer.exe @ UIRibbon.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (explorer.exe @ UIRibbon.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ UIRibbon.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (explorer.exe @ UIRibbon.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ mbshlext.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (explorer.exe @ mbshlext.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ mbshlext.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ mbshlext.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ mbshlext.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ mbshlext.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ mbshlext.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ mbshlext.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ mbshlext.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ msiltcfg.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ DirectShellExt.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ DirectShellExt.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ DirectShellExt.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ DirectShellExt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ DirectShellExt.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ DirectShellExt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ DirectShellExt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ DirectShellExt.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ diasymreader.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ diasymreader.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ diasymreader.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ diasymreader.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ diasymreader.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ diasymreader.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ appwiz.cpl) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ osbaseln.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ contextmenu64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ contextmenu64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ contextmenu64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ msvcp90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ msvcr90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (explorer.exe @ ATL90.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (explorer.exe @ shellExt.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ shellExt.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ shellExt.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ shellExt.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (explorer.exe @ shellExt.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ shellExt.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ shellExt.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ shellExt.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (explorer.exe @ shellExt.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ shellExt.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (explorer.exe @ 7-zip.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ 7-zip.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ 7-zip.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ 7-zip.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cbd00
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (explorer.exe @ FileSyncShell64.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (explorer.exe @ LoggingPlatform64.DLL) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ LoggingPlatform64.DLL) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ msvcp120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ msvcr120.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ zipfldr.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ occache.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ occache.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ occache.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ occache.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ occache.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ occache.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ fontext.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Microsoft)] (explorer.exe @ comsvcs.dll) kernel32!GetCurrentPackageId : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0df2e0
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ atiacm64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ webcheck.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ webcheck.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ webcheck.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ webcheck.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ webcheck.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ webcheck.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ wshirda.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ wshirda.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ wshirda.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ wshirda.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ RecuvaShell64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ RecuvaShell64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ RecuvaShell64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ RecuvaShell64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ RecuvaShell64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ RecuvaShell64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ RecuvaShell64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ RecuvaShell64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ RecuvaShell64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ prnfldr.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Microsoft)] (explorer.exe @ prnfldr.dll) kernel32!GetProcessMitigationPolicy : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0d4120
[IAT:Addr] (explorer.exe @ prnntfy.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ prnntfy.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr(Microsoft)] (explorer.exe @ prnntfy.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (explorer.exe @ prnntfy.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (explorer.exe @ prnntfy.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (explorer.exe @ prnntfy.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ prnntfy.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ prnntfy.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (explorer.exe @ prnntfy.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Microsoft)] (explorer.exe @ prnntfy.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr] (explorer.exe @ prnntfy.dll) advapi32!EventActivityIdControl : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1dfae0
[IAT:Addr] (explorer.exe @ prnntfy.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1bad30
[IAT:Addr] (explorer.exe @ prnntfy.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1baa10
[IAT:Addr] (explorer.exe @ prnntfy.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cd000
[IAT:Addr] (explorer.exe @ prnntfy.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc7f0
[IAT:Addr] (explorer.exe @ prnntfy.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cbd00
[IAT:Addr] (explorer.exe @ prnntfy.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr] (explorer.exe @ prnntfy.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (explorer.exe @ prnntfy.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (explorer.exe @ prnntfy.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (explorer.exe @ prnntfy.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (explorer.exe @ prnntfy.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ puiapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ puiapi.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ printui.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1baa10
[IAT:Addr] (explorer.exe @ printui.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cd000
[IAT:Addr] (explorer.exe @ printui.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1bad30
[IAT:Addr] (explorer.exe @ printui.dll) advapi32!EventActivityIdControl : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1dfae0
[IAT:Addr] (explorer.exe @ printui.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc7f0
[IAT:Addr] (explorer.exe @ printui.dll) advapi32!EventWrite : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cb3f0
[IAT:Addr] (explorer.exe @ printui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ printui.dll) user32!DefDlgProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215150
[IAT:Addr] (explorer.exe @ printui.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ puiobj.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (explorer.exe @ puiobj.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr] (explorer.exe @ puiobj.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (explorer.exe @ puiobj.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (explorer.exe @ puiobj.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (explorer.exe @ puiobj.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (explorer.exe @ puiobj.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cbd00
[IAT:Addr] (explorer.exe @ puiobj.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ acppage.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventUnregister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cd000
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventSetInformation : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1baa10
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventRegister : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1bad30
[IAT:Addr] (explorer.exe @ acppage.dll) advapi32!EventWriteTransfer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc7f0
[IAT:Addr] (explorer.exe @ NetworkItemFactory.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ NetworkItemFactory.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ NetworkItemFactory.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ NetworkItemFactory.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ NetworkItemFactory.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ NetworkItemFactory.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (explorer.exe @ NetworkItemFactory.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (explorer.exe @ NetworkItemFactory.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (explorer.exe @ NetworkItemFactory.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr] (explorer.exe @ NetworkItemFactory.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (explorer.exe @ NetworkItemFactory.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cbd00
[IAT:Addr] (explorer.exe @ dtsh.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ dtsh.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ dtsh.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ dtsh.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cbd00
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ EhStorAPI.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ fdWCN.dll) kernel32!SetThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b3770
[IAT:Addr] (explorer.exe @ fdWCN.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ fdWCN.dll) kernel32!CloseThreadpoolTimer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b09e0
[IAT:Addr] (explorer.exe @ fdWCN.dll) kernel32!WaitForThreadpoolTimerCallbacks : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0f10
[IAT:Addr] (explorer.exe @ fdWCN.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (explorer.exe @ fdWCN.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (explorer.exe @ fdWCN.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr] (explorer.exe @ fdWCN.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ fdWCN.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ fdWCN.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ fdWCN.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ fdWNet.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ fdWNet.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ fdWNet.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ fdWNet.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (explorer.exe @ atl.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (explorer.exe @ atl.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x26a27e|call rax)
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_elf.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr] (chrome.exe @ chrome.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (chrome.exe @ chrome.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ oleacc.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ ntshrui.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ explorerframe.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ explorerframe.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (chrome.exe @ shdocvw.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ office_antivirus.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ office_antivirus.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ office_antivirus.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ office_antivirus.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ office_antivirus.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ office_antivirus.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ office_antivirus.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ office_antivirus.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ office_antivirus.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ office_antivirus.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ sxs.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (chrome.exe @ sapi.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ sapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ sapi.dll) advapi32!TraceMessage : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cbd00
[IAT:Addr] (chrome.exe @ sapi.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ sapi.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ sapi.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ sapi.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ sapi.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x26a27e|call rax)
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x26a27e|call rax)
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_watcher.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr] (chrome.exe @ chrome_watcher.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ uxtheme.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ msctf.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr(Hook.IEAT)] (chrome.exe) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(ESET)] (chrome.exe @ kernel32.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x27a27e|call rax)
[IAT:Addr(ESET)] (chrome.exe @ KERNELBASE.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GdiDllInitialize : Unknown @ 0x7ffcdc47002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_elf.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (chrome.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr(Google)] (chrome.exe @ DWrite.dll) ntdll!NtAlpcConnectPort : C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\chrome_child.dll @ 0x7ffc89ee3428
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr(Hook.IEAT)] (chrome.exe) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(ESET)] (chrome.exe @ kernel32.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x27a27e|call rax)
[IAT:Addr(ESET)] (chrome.exe @ KERNELBASE.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GdiDllInitialize : Unknown @ 0x7ffcdc47002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_elf.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (chrome.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr(Google)] (chrome.exe @ DWrite.dll) ntdll!NtAlpcConnectPort : C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\chrome_child.dll @ 0x7ffc89ee3428
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr(Hook.IEAT)] (chrome.exe) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(ESET)] (chrome.exe @ kernel32.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x27a27e|call rax)
[IAT:Addr(ESET)] (chrome.exe @ KERNELBASE.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GdiDllInitialize : Unknown @ 0x7ffcdc47002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_elf.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (chrome.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr(Google)] (chrome.exe @ DWrite.dll) ntdll!NtAlpcConnectPort : C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\chrome_child.dll @ 0x7ffc89ee3428
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr(Hook.IEAT)] (chrome.exe) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(ESET)] (chrome.exe @ kernel32.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x27a27e|call rax)
[IAT:Addr(ESET)] (chrome.exe @ KERNELBASE.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GdiDllInitialize : Unknown @ 0x7ffcdc47002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_elf.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (chrome.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr(Google)] (chrome.exe @ DWrite.dll) ntdll!NtAlpcConnectPort : C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\chrome_child.dll @ 0x7ffc89ee3428
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr(Hook.IEAT)] (chrome.exe) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(ESET)] (chrome.exe @ kernel32.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x27a27e|call rax)
[IAT:Addr(ESET)] (chrome.exe @ KERNELBASE.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GdiDllInitialize : Unknown @ 0x7ffcdc47002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_elf.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (chrome.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr(Google)] (chrome.exe @ DWrite.dll) ntdll!NtAlpcConnectPort : C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\chrome_child.dll @ 0x7ffc89ee3428
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr(Hook.IEAT)] (chrome.exe) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(ESET)] (chrome.exe @ kernel32.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x27a27e|call rax)
[IAT:Addr(ESET)] (chrome.exe @ KERNELBASE.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GdiDllInitialize : Unknown @ 0x7ffcdc47002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_elf.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (chrome.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr(Google)] (chrome.exe @ DWrite.dll) ntdll!NtAlpcConnectPort : C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\chrome_child.dll @ 0x7ffc89ee3428
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr(Hook.IEAT)] (chrome.exe) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(ESET)] (chrome.exe @ kernel32.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x27a27e|call rax)
[IAT:Addr(ESET)] (chrome.exe @ KERNELBASE.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GdiDllInitialize : Unknown @ 0x7ffcdc47002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_elf.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (chrome.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr(Google)] (chrome.exe @ DWrite.dll) ntdll!NtAlpcConnectPort : C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\chrome_child.dll @ 0x7ffc89ee3428
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x27a27e|call rax)
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_elf.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (chrome.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr] (chrome.exe @ ddraw.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr] (chrome.exe @ dciman32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ dciman32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ dciman32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ dciman32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ libglesv2.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ libegl.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ libegl.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ libegl.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ libegl.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ libegl.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ libegl.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ libegl.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ libegl.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ libegl.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ product_info.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ remote_eka_prague_loader.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ prremote.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ msvcp100.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ msvcr100.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ prcore.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ kl_service.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ plugins_meta.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr(Hook.IEAT)] (chrome.exe) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(ESET)] (chrome.exe @ kernel32.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x27a27e|call rax)
[IAT:Addr(ESET)] (chrome.exe @ KERNELBASE.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GdiDllInitialize : Unknown @ 0x7ffcdc47002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_elf.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (chrome.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr(Google)] (chrome.exe @ DWrite.dll) ntdll!NtAlpcConnectPort : C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\chrome_child.dll @ 0x7ffc89ee3428
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr(Hook.IEAT)] (chrome.exe) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(ESET)] (chrome.exe @ kernel32.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x27a27e|call rax)
[IAT:Addr(ESET)] (chrome.exe @ KERNELBASE.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GdiDllInitialize : Unknown @ 0x7ffcdc47002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_elf.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (chrome.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr(Google)] (chrome.exe @ DWrite.dll) ntdll!NtAlpcConnectPort : C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\chrome_child.dll @ 0x7ffc89ee3428
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr(Hook.IEAT)] (chrome.exe) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(ESET)] (chrome.exe @ kernel32.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x27a27e|call rax)
[IAT:Addr(ESET)] (chrome.exe @ KERNELBASE.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GdiDllInitialize : Unknown @ 0x7ffcdc47002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_elf.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (chrome.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr(Google)] (chrome.exe @ DWrite.dll) ntdll!NtAlpcConnectPort : C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\chrome_child.dll @ 0x7ffc89ee3428
[IAT:Addr(Microsoft)] (chrome.exe) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr(Microsoft)] (chrome.exe) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Hook.IEAT)] (chrome.exe) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr(Hook.IEAT)] (chrome.exe) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(ESET)] (chrome.exe @ kernel32.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Inl(Malwarebytes)] (chrome.exe @ kernel32.dll) ntdll!NtProtectVirtualMemory : C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll @ 0x7ffcbdb13f80 (jmp 0x27a27e|call rax)
[IAT:Addr(ESET)] (chrome.exe @ KERNELBASE.dll) ntdll!LdrLoadDll : C:\Program Files\ESET\ESET Security\eplgChrome.dll @ 0x7ffcc3583620
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!PackageIdFromFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda08b560
[IAT:Addr(Microsoft)] (chrome.exe @ apphelp.dll) kernel32!GetPackageFullName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0daec0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ AcGenral.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shlwapi.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shlwapi.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ user32.dll) gdi32!GdiDllInitialize : Unknown @ 0x7ffcdc47002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ ole32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ ole32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ shell32.dll) user32!DefWindowProcA : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215080
[IAT:Addr(Hook.IEAT)] (chrome.exe @ shell32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!ResolveDelayLoadedAPI : C:\Windows\System32\ntdll.dll @ 0x7ffcdd183fa0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!FreeLibraryWhenCallbackReturns : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f51c0
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CloseThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f1570
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!CancelThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b0a90
[IAT:Addr] (chrome.exe @ advapi32.dll) kernel32!StartThreadpoolIo : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1b38d0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ inproc_agent.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ klsihk64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ imm32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_elf.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_elf.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ mbae64.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ eplgChrome.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceLoggerHandle : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7ff0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableFlags : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f89f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!GetTraceEnableLevel : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f8a30
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!RegisterTraceGuidsW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1babb0
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!UnregisterTraceGuids : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ccfb0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) advapi32!SystemFunction036 : C:\Windows\System32\CRYPTBASE.DLL @ 0x7ffcd9051970
[IAT:Addr] (chrome.exe @ chrome_child.dll) advapi32!TraceEvent : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1cc120
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPopEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd218df0
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) kernel32!CreateNamedPipeW : Unknown @ 0x7ffcdd36002c
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DeleteCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6970
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!DecodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ExitThread : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1ad9e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedPushEntrySList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0de0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EncodePointer : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e67e0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!EnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd184450
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!LeaveCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ff50
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InterlockedFlushSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6bc0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!QueryDepthSList : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSListHead : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e6990
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!VerSetConditionMask : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1eed30
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryAcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f9000
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1951a0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockExclusive : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199d80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeAllConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1d6090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!WakeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e0380
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeConditionVariable : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableSRW : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de910
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapSize : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1a0090
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapReAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1982c0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!HeapAlloc : C:\Windows\System32\ntdll.dll @ 0x7ffcdd19ae00
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!ReleaseSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd199ca0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AcquireSRWLockShared : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1978f0
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!InitializeSRWLock : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e35c0
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceExecuteOnce : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0c9f80
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!TryEnterCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd194960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!SleepConditionVariableCS : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0de960
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceBeginInitialize : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda086c80
[IAT:Addr(Microsoft)] (chrome.exe @ chrome_child.dll) kernel32!InitOnceComplete : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda0e2270
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!RemoveVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1f7490
[IAT:Addr] (chrome.exe @ chrome_child.dll) kernel32!AddVectoredExceptionHandler : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1e65b0
[IAT:Addr] (chrome.exe @ chrome_child.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ chrome_child.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comdlg32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comdlg32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) gdi32!GetStockObject : Unknown @ 0x7ffcdc47006c
[IAT:Addr(Hook.IEAT)] (chrome.exe @ comctl32.dll) user32!RegisterClassW : Unknown @ 0x7ffcdca8002c
[IAT:Addr] (chrome.exe @ comctl32.dll) user32!DefWindowProcW : C:\Windows\System32\ntdll.dll @ 0x7ffcdd215090
[IAT:Addr] (chrome.exe @ winspool.drv) kernel32!InitializeCriticalSection : C:\Windows\System32\ntdll.dll @ 0x7ffcdd1da140
[IAT:Addr(Microsoft)] (chrome.exe @ winspool.drv) kernel32!GetCurrentPackageFamilyName : C:\Windows\System32\KERNELBASE.dll @ 0x7ffcda084870
[IAT:Addr(Google)] (chrome.exe @ DWrite.dll) ntdll!NtAlpcConnectPort : C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\chrome_child.dll @ 0x7ffc89ee3428

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST2000DM001-1CH164 +++++
--- User ---
[MBR] f86f4a6d732d5d11731309772e1fbe7f
[BSP] 2bf3dd60e501e1f0f760c942b8d1b006 : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2097152 | Size: 360 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 3096576 | Size: 1886686 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 3867029504 | Size: 450 MB
5 - [SYSTEM] Basic data partition | Offset (sectors): 3867951104 | Size: 19076 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Hitachi HDT725032VLAT80 USB Device +++++
--- User ---
[MBR] 8a091895aeee523486684cb2eda22243
[BSP] 66c33a22222e88b4dafebdce5d6cb93a : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 305242 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

#63
RKinner

Posted 27 July 2017 - 05:57 PM

Malware Expert

Expert
24,731 posts

Looks like you have Expert Mode turned on. I can't do that on mine. Did you buy the program?

Anyway the only things which might be malware are the hooks. When a line starts with:

[IAT:Addr(Hook.IEAT)] that indicates a hook.

In regular mode these would be all that you see under possible rootkits.

Since yours are all associated with Chrome.exe:

These hooks are not malicious, they are part of Chrome Sandbox feature.

See: https://forum.adlice...hp?topic=3292.0

So I would expect them to go away if you close Chrome (and make sure that under Settings, Advanced, System: it does not have Continue Running Background Apps when Google Chrome is closed turned on.) and then rescan.

#64
BrandiCopas

Posted 01 August 2017 - 09:30 AM

Member

Topic Starter
Member
79 posts

You are correct, I had it in expert mode, oops, I didn't buy it, but I guess it came with the trial? Thx for explaining that, b/c it found over 3000 issues. I was a bit worried. Anyway, new developments and infections are about please see the following. Thanks again for your help. )

I rescanned them, results are here. Then, my eset regular av program found 42 infected files yesterday. I'll post the results from that below. for giggles, I did ran a new Fbar those in next post. Keeping in mind, I don't have windows xp ever on this pc, it was 7.1 then updated in 2015 to windows 10. Nor do I have any password protected files, of any kind, the program that is seemingly a pain, is the wondershare, I'm not able to uninstall, or remove, also lost access to turn off defender, THX

RogueKiller V12.11.8.0 (x64) [Jul 24 2017] (Premium) by Adlice Software

mail : http://www.adlice.com/contact/

Feedback : https://forum.adlice.com

Website : http://www.adlice.co...ad/roguekiller/

Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.15063) 64 bits version

Started in : Normal mode

User : AIRWORX 2 [Administrator]

Started from : C:\Program Files\RogueKiller\RogueKiller64.exe

Mode : Delete -- Date : 08/01/2017 04:51:16 (Duration : 01:03:48)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤

[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2671885098-678752524-1400920573-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Replaced (1)

[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2671885098-678752524-1400920573-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Replaced (1)

¤¤¤ Tasks : 1 ¤¤¤

[Suspicious.Path|VT.Unknown] %WINDIR%\Tasks\G2MUpdateTask-S-1-5-21-2671885098-678752524-1400920573-1001.job -- C:\Users\AIRWORX 2\AppData\Local\GoToMeeting\7297\g2mupdate.exe -> Deleted

¤¤¤ Files : 2 ¤¤¤

[File.Forged][File] C:\Windows\System32\drivers\ks.sys -> Replaced at reboot ( @Src C:\Users\AIRWORX 2\AppData\Local\Temp\snack\ks.sys)

[File.Forged][File] C:\Windows\System32\drivers\nwifi.sys -> Replaced at reboot ( @Src C:\Users\AIRWORX 2\AppData\Local\Temp\snack\nwifi.sys)

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤

+++++ PhysicalDrive0: ST2000DM001-1CH164 +++++

--- User ---

[MBR] f86f4a6d732d5d11731309772e1fbe7f

[BSP] 2bf3dd60e501e1f0f760c942b8d1b006 : Empty MBR Code

Partition table:

0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1023 MB

1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2097152 | Size: 360 MB

2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2834432 | Size: 128 MB

3 - Basic data partition | Offset (sectors): 3096576 | Size: 1886686 MB

4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 3867029504 | Size: 450 MB

5 - [SYSTEM] Basic data partition | Offset (sectors): 3867951104 | Size: 19076 MB

User = LL1 ... OK

User = LL2 ... OK

#65
BrandiCopas

Posted 01 August 2017 - 09:38 AM

Member

Topic Starter
Member
79 posts

Eset scan logs

infections are near the bottom, as far as I can tell.

)

Log

Scan Log

Version of virus signature database: 15835 (20170731)

Date: 7/31/2017 Time: 3:32:48 AM

Scanned disks, folders and files: Operating memory;Boot sector;C:\Boot sector;C:\;D:\Boot sector;D:\;E:\Boot sector;E:\;F:\Boot sector;F:\;Z:\

Operating memory ¯ C:\Program Files (x86)\Cox\Drag and Drop Backup\LogicNP.EZNamespaceExtensions.dll ¯ CRYPTOOBFUSCATOR - unpack error

C:\Documents and Settings\AIRWORX 2\AppData\Local\Dropbox\Dropbox.exe.log - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Dropbox\QuitReports\b781f421-e3c5-41aa-8669-eb08fc154740.dbt - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Microsoft\Windows\Notifications\WPNPRMRY.tmp - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Microsoft\Windows\UsrClass.dat - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Microsoft\Windows\WebCache\V01.log - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Microsoft\Windows\WebCacheLock.dat - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\edb.log - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\IndexedDB.edb - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB\IndexedDB.jfm - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat.LOG1 - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat.LOG2 - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\settings.dat - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\settings.dat.LOG1 - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\settings.dat.LOG2 - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Temp\Temp1_cbSetup.exe.zip\cbSetup.exe ¯ ZIP ¯ cbDecompressor.exe - is OK

C:\Documents and Settings\AIRWORX 2\AppData\Local\Temp\Temp1_cbSetup.exe.zip\cbSetup.exe ¯ ZIP ¯ cbEngine.dll - is OK

C:\Documents and Settings\AIRWORX 2\AppData\Local\Temp\Temp1_DVR-H9116uvdh.zip\H9116uvdh\Video_Client_ZMODO_ENG_V1.1.3_20110817_854.exe ¯ ADVANCEDINSTALLER - archive damaged

C:\Documents and Settings\AIRWORX 2\AppData\Local\Temp\Temp1_ta16az1040.exe.zip\ta16az1040.exe ¯ INDIGOROSE - error reading archive

C:\Documents and Settings\AIRWORX 2\AppData\Local\Temp\Temp1_ta16stplus.exe.zip\ta16stplus.exe ¯ INDIGOROSE - error reading archive

C:\Documents and Settings\AIRWORX 2\AppData\Local\Temp\Temp2_DVR-H9116uvdh.zip\H9116uvdh\Video_Client_ZMODO_ENG_V1.1.3_20110817_854.exe ¯ ADVANCEDINSTALLER - archive damaged

C:\Documents and Settings\AIRWORX 2\AppData\Local\Temporary Internet Files\Content.Word\~WRS{9A2A9C8D-4C1D-48AB-9A88-13A13D34C000}.tmp - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Temporary Internet Files\Content.Word\~WRS{9DE07F7F-3270-461C-8C82-6FA4D17BCBE1}.tmp - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\Temporary Internet Files\Content.Word\~WRS{B28763DB-83AF-4D1A-8745-846D2AAAEC24}.tmp - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\TileDataLayer\Database\EDB.log - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\TileDataLayer\Database\vedatamodel.edb - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Local\TileDataLayer\Database\vedatamodel.jfm - error opening [4]

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Belkasoft\Evidence Center\New case (2017.06.27 08_31_06)\New case (2017.06.27 08 31 06)\64\embeddedfile\596.docx ¯ OFFICECRYPTOGRAPHY - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Belkasoft\Evidence Center\New case (2017.06.27 08_31_06)\New case (2017.06.27 08 31 06)\65\embeddedfile\8\386.docx ¯ OFFICECRYPTOGRAPHY - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandnetbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgusbbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/massfilter_hs.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgp.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgpfl.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motswch.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/N06CBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/PSKTBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0bus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0whnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadwhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaebus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaewhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssudbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/usb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WdfCoInstaller01009.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WinUSBCoInstaller2.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/wsadb.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgp.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motswch.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/N06CBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/PSKTBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0bus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaebus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssudbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usbccgp.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/wsadb.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ psktbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ PSKTBus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandnetbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgusbbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/massfilter_hs.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgp.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgpfl.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motswch.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/N06CBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/PSKTBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0bus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0whnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadwhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaebus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaewhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssudbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/usb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WdfCoInstaller01009.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WinUSBCoInstaller2.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/wsadb.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgp.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motswch.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/N06CBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/PSKTBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0bus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaebus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssudbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usbccgp.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/wsadb.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ psktbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ PSKTBus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Belkasoft\Evidence Center\New case (2017.06.27 08_31_06)\New case (2017.06.27 08 31 06)\64\embeddedfile\596.docx ¯ OFFICECRYPTOGRAPHY - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Belkasoft\Evidence Center\New case (2017.06.27 08_31_06)\New case (2017.06.27 08 31 06)\65\embeddedfile\8\386.docx ¯ OFFICECRYPTOGRAPHY - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandnetbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgusbbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/massfilter_hs.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgp.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgpfl.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motswch.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/N06CBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/PSKTBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0bus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0whnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadwhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaebus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaewhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssudbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/usb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WdfCoInstaller01009.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WinUSBCoInstaller2.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/wsadb.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgp.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motswch.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/N06CBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/PSKTBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0bus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaebus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssudbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usbccgp.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/wsadb.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ psktbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ PSKTBus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandnetbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgusbbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/massfilter_hs.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgp.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgpfl.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motswch.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/N06CBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/PSKTBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0bus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0whnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadwhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaebus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaewhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssudbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/usb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WdfCoInstaller01009.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WinUSBCoInstaller2.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/wsadb.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgp.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motswch.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/N06CBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/PSKTBus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0bus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaebus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssudbus.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usbccgp.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/wsadb.sys - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ psktbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ PSKTBus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.cat - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.inf - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu.iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw-pxe.ncf ¯ ZIP ¯ T1:X3_101115_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu.iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw-pxe.ncf ¯ ZIP ¯ T1A:X3_101115_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu.iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw-pxe.ncf ¯ ZIP ¯ T1A:X3_101115_1_8_1_expROM_FW_uni_template_flash0.bin - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu.iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw-pxe.ncf ¯ ZIP ¯ T1A:X3_101115_1_8_1_expROM_FW_uni_template_eeprom0.bin - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu.iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw.ncf ¯ ZIP ¯ T1:X3_101025_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu.iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw.ncf ¯ ZIP ¯ T1A:X3_101025_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu.iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw.ncf ¯ ZIP ¯ T1A:X3_101025_1_8_1_expROM_FW_uni_template_flash0.bin - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu.iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw.ncf ¯ ZIP ¯ T1A:X3_101025_1_8_1_expROM_FW_uni_template_eeprom0.bin - error - password-protected file

C:\Documents and Settings\AIRWORX 2\Desktop\DVR-H9116uvdh.zip ¯ ZIP ¯ H9116uvdh/Video_Client_ZMODO_ENG_V1.1.3_20110817_854.exe ¯ ADVANCEDINSTALLER - archive damaged

C:\Documents and Settings\AIRWORX 2\Desktop\MicrosoftInstaller.exe ¯ CAB ¯ officesuitewwsp1-x-none.msp - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)

C:\Documents and Settings\AIRWORX 2\Downloads\cbSetup.exe ¯ ZIP ¯ cbDecompressor.exe - is OK

C:\Documents and Settings\AIRWORX 2\Downloads\cbSetup.exe ¯ ZIP ¯ cbEngine.dll - is OK

C:\Documents and Settings\AIRWORX 2\Downloads\Drag and Drop Backup-2.1.33-prod.msi ¯ MSI ¯ _5A8F4492F0A005EE4C470B8FA9B98D08 ¯ CAB ¯ _17C8C8385D0B8761CA35A22B90A0A0F1.5C7D6400ACF34A958BC9D1EDA2376E81 ¯ CRYPTOOBFUSCATOR - unpack error

C:\Documents and Settings\AIRWORX 2\Downloads\Drag and Drop Backup-2.1.33-prod.msi ¯ MSI ¯ _5A8F4492F0A005EE4C470B8FA9B98D08 ¯ CAB ¯ _BACA9259EBDC6C3F6602410B1137C4DF.5C7D6400ACF34A958BC9D1EDA2376E81 ¯ CRYPTOOBFUSCATOR - unpack error

C:\Documents and Settings\AIRWORX 2\Downloads\ta16az1040.exe ¯ INDIGOROSE - error reading archive

C:\Documents and Settings\AIRWORX 2\Downloads\ta16stplus.exe ¯ INDIGOROSE - error reading archive

C:\Documents and Settings\AIRWORX 2\Downloads\Training Doc.zip.nrdzk20.partial ¯ ZIP ¯ DSCF0041.AVI - error reading archive

C:\Documents and Settings\AIRWORX 2\Dropbox\Allen-Shared\CosmicJump_163671_DPMA_GUI_536.msi ¯ MSI ¯ Binary.RMMSetup.exe ¯ INDIGOROSE - error reading archive

C:\Documents and Settings\AIRWORX 2\Dropbox\Cosmic Jump (1)\RMM-Scanning-Tool.exe ¯ INDIGOROSE - error reading archive

C:\Documents and Settings\AIRWORX 2\Dropbox (Cosmic Jump AIRWORX)\Allen-Shared\CosmicJump_163671_DPMA_GUI_536.msi ¯ MSI ¯ Binary.RMMSetup.exe ¯ INDIGOROSE - error reading archive

C:\Documents and Settings\AIRWORX 2\Dropbox (Cosmic Jump AIRWORX)\Cosmic Jump (1)\RMM-Scanning-Tool.exe ¯ INDIGOROSE - error reading archive

C:\Documents and Settings\AIRWORX 2\Local Settings\Dropbox\Dropbox.exe.log - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Dropbox\QuitReports\b781f421-e3c5-41aa-8669-eb08fc154740.dbt - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Microsoft\Windows\Notifications\WPNPRMRY.tmp - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Microsoft\Windows\UsrClass.dat - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Microsoft\Windows\UsrClass.dat.LOG1 - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Microsoft\Windows\UsrClass.dat.LOG2 - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Microsoft\Windows\WebCache\V01.log - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Microsoft\Windows\WebCache\V01tmp.log - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Microsoft\Windows\WebCache\WebCacheV01.dat - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Microsoft\Windows\WebCache\WebCacheV01.jfm - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Microsoft\Windows\WebCacheLock.dat - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat.LOG1 - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat.LOG2 - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\settings.dat - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\settings.dat.LOG1 - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\settings.dat.LOG2 - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\Temp\Temp1_cbSetup.exe.zip\cbSetup.exe ¯ ZIP ¯ cbDecompressor.exe - is OK

C:\Documents and Settings\AIRWORX 2\Local Settings\Temp\Temp1_cbSetup.exe.zip\cbSetup.exe ¯ ZIP ¯ cbEngine.dll - is OK

C:\Documents and Settings\AIRWORX 2\Local Settings\Temp\Temp1_DVR-H9116uvdh.zip\H9116uvdh\Video_Client_ZMODO_ENG_V1.1.3_20110817_854.exe ¯ ADVANCEDINSTALLER - archive damaged

C:\Documents and Settings\AIRWORX 2\Local Settings\Temp\Temp1_ta16az1040.exe.zip\ta16az1040.exe ¯ INDIGOROSE - error reading archive

C:\Documents and Settings\AIRWORX 2\Local Settings\Temp\Temp1_ta16stplus.exe.zip\ta16stplus.exe ¯ INDIGOROSE - error reading archive

C:\Documents and Settings\AIRWORX 2\Local Settings\Temp\Temp2_DVR-H9116uvdh.zip\H9116uvdh\Video_Client_ZMODO_ENG_V1.1.3_20110817_854.exe ¯ ADVANCEDINSTALLER - archive damaged

C:\Documents and Settings\AIRWORX 2\Local Settings\TileDataLayer\Database\EDB.log - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\TileDataLayer\Database\vedatamodel.edb - error opening [4]

C:\Documents and Settings\AIRWORX 2\Local Settings\TileDataLayer\Database\vedatamodel.jfm - error opening [4]

C:\Documents and Settings\AIRWORX 2\NTUSER.DAT - error opening [4]

C:\Documents and Settings\AIRWORX 2\ntuser.dat.LOG1 - error opening [4]

C:\Documents and Settings\AIRWORX 2\ntuser.dat.LOG2 - error opening [4]

C:\Documents and Settings\AIRWORX 2\OneDrive\L5_8.pdf - error opening [4]

C:\Documents and Settings\AIRWORX 2\OneDrive\Level 4 - 7 year olds team.pdf - error opening [4]

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunes Library.itlp/DBTemp/.status-com.apple.itdprep.command.runPostProcessing - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AboutForm.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror2.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror3.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AppManager.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/BackupRestore.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectBackground.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Connecting.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectPage.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectToUSB.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ContactsManager.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls2.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/DeviceInfo.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/DeviceInfoBkg.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/facebook-twitter.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/facebookbackground.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FileManager.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00000.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00001.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00002.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00003.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00004.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00005.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00006.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00007.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00008.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00009.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00010.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00011.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00012.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00013.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00014.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00015.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00016.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00017.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00018.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00019.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00020.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00021.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00022.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00023.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00024.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00025.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00026.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00027.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00028.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00029.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00030.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00031.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00032.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00033.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00034.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00035.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00036.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00037.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00038.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00039.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00040.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00041.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00042.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00043.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00044.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00045.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00046.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00047.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00048.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00049.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ftload.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/GooglePlay.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/GooglePlay.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/icon.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Install.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/InstallDaemon.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/iOSConnecting.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/IosControl.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/IosManager.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/iOSUSBFail.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Main.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MessageBox.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MGIOSNew.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MusicManager.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Navigate.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Navigator.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newcontrols.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewiOSControl.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewiOSOther.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newothers.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewPhotos.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newskinform.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Numbers.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/OnlineResDown.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/OpenMG.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Others.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhoneTransfer.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhoneTransferNew.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhotoForm.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhotoManager.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/pic.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PrivacyMainpage.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Reconnect.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/RegisterForm.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ResManager.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/robot.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SearchContacts.gif - archive damaged - the file could not be extracted.

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SkinForm.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/sleep.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SmsManager.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SpaceAndMediaManager.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SpaceCleanScanFlash.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SuperTool.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SymbianGuide.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/TakeQRCode.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ToolBox.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/toolbox_icon.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Transfer.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Transfer.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/TransferState.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/twitterbackground.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/USBFail.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/VideoManager.xml - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ViewStyle.png - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Chinese.dat - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ ChineseTrad.dat - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ English.dat - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ French.dat - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ German.dat - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Italiano.dat - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Japanese.dat - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Portuguese.dat - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Spanish.dat - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\Documents and Settings\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

C:\Documents and Settings\All Users\Kaspersky Lab\KSS4\DataRoot\data\sfdb.dat - error opening [4]

C:\Documents and Settings\All Users\Kaspersky Lab\KSS4\DataRoot\data\sfdb_md5.dat - error opening [4]

C:\Documents and Settings\All Users\Kaspersky Lab Setup Files\KSS16.0.0.1344.0.36.0\kss.msi ¯ MSI ¯ KSS.cab ¯ CAB ¯ ushata.dll - is OK

C:\Documents and Settings\All Users\Microsoft\Network\Downloader\edb.log - error opening [4]

C:\Documents and Settings\All Users\Microsoft\Network\Downloader\qmgr.db - error opening [4]

C:\Documents and Settings\All Users\Microsoft\Network\Downloader\qmgr.jfm - error opening [4]

C:\Documents and Settings\All Users\Microsoft\Search\Data\Applications\Windows\edb.jtx - error opening [4]

C:\Documents and Settings\All Users\Microsoft\Search\Data\Applications\Windows\Windows.edb - error opening [4]

C:\Documents and Settings\All Users\Microsoft\Search\Data\Applications\Windows\Windows.jfm - error opening [4]

C:\Documents and Settings\All Users\Microsoft\Windows\LfSvc\Geofence\GeofenceApplicationID.dat - error opening [4]

C:\Documents and Settings\All Users\Oracle\Java\installcache\baseimagefam8 ¯ ZIP ¯ lib/rt.pack ¯ PACK200 - archive damaged

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunes Library.itlp/DBTemp/.status-com.apple.itdprep.command.runPostProcessing - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

fault.skin ¯ ZIP ¯ Default/iOSConnecting.png - error - password-protected file

TB continued next post--

#66
BrandiCopas

Posted 01 August 2017 - 09:39 AM

Member

Topic Starter
Member
79 posts

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/IosControl.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/IosManager.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/iOSUSBFail.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Main.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MessageBox.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MGIOSNew.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MusicManager.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Navigate.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Navigator.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newcontrols.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewiOSControl.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewiOSOther.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newothers.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewPhotos.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AboutForm.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror2.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror3.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AppManager.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/BackupRestore.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectBackground.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Connecting.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectPage.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectToUSB.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ContactsManager.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls2.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/DeviceInfo.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/DeviceInfoBkg.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/facebook-twitter.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/facebookbackground.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FileManager.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00000.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00001.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00002.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00003.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00004.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00005.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00006.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00007.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00008.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00009.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00010.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00011.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00012.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00013.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00014.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00015.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00016.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00017.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00018.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00019.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00020.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00021.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00022.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00023.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00024.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00025.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00026.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00027.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00028.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00029.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00030.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00031.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00032.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00033.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00034.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00035.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00036.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00037.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00038.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00039.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00040.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00041.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00042.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00043.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00044.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00045.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00046.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00047.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00048.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00049.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ftload.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/GooglePlay.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/GooglePlay.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/icon.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Install.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/InstallDaemon.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\De INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newskinform.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Numbers.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/OnlineResDown.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/OpenMG.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Others.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhoneTransfer.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhoneTransferNew.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhotoForm.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhotoManager.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/pic.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PrivacyMainpage.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Reconnect.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/RegisterForm.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ResManager.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/robot.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SearchContacts.gif - archive damaged - the file could not be extracted.

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SkinForm.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/sleep.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SmsManager.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SpaceAndMediaManager.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SpaceCleanScanFlash.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SuperTool.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SymbianGuide.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/TakeQRCode.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ToolBox.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/toolbox_icon.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Transfer.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Transfer.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/TransferState.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/twitterbackground.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/USBFail.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/VideoManager.xml - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ViewStyle.png - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Chinese.dat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ ChineseTrad.dat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ English.dat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ French.dat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ German.dat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Italiano.dat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Japanese.dat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Portuguese.dat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Spanish.dat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.cat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.cat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.cat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.cat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.cat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ psktbus.cat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ PSKTBus.inf - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.cat - error - password-protected file

C:\Documents and Settings\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.cat - error - password-protected file

C:\DrFoneForAndroid\00003727 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00004050 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00011024 ¯ ZIP ¯ word/document.xml - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00011042 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00015545 ¯ ZIP ¯ 9 - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00015577 ¯ ZIP ¯ xl/theme/theme1.xml - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00015612 ¯ ZIP ¯ tv_lite.json - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00015612 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00015679 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00015734 ¯ ZIP ¯ res/drawable-mdpi-v4/abc_spinner_mtrl_am_alpha.9.png - error reading archive

C:\DrFoneForAndroid\00015735 ¯ ZIP ¯ res/drawable-xhdpi-v4/ic_media_route_on_10_dark.png - error reading archive

C:\DrFoneForAndroid\00015957 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00015959 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00015964 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00015978 ¯ ZIP ¯ classes.dex - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00015978 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00017160 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00017646 ¯ ZIP ¯ res/drawable-xhdpi/tw_dialog_top_holo_light.9.png - error reading archive

C:\DrFoneForAndroid\00018382 ¯ ZIP ¯ right-slot.jpg - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00018382 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00018398 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00019112 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00019116 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00019119 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00019890 ¯ ZIP ¯ res/drawable-hdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png - error reading archive

C:\DrFoneForAndroid\00019893 ¯ ZIP ¯ res/drawable-xhdpi-v4/mb_pause.png - error reading archive

C:\DrFoneForAndroid\00020016 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00020057 ¯ ZIP ¯ movies_lite.json - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00020057 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00021009 ¯ ZIP ¯ assets/bin/Data/5c07cccc98f1744aa9aa8caa509602a6 - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00021009 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00021103 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00021128 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00021129 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00021130 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00021131 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00021145 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00021148 ¯ ZIP ¯ classes.dex - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00021148 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00021198 ¯ ZIP ¯ tv_lite.json - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00021198 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00021229 ¯ ZIP ¯ libs/armeabi-v7a/libocr.so - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00021229 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00021232 ¯ ZIP ¯ tv_lite.json - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00021232 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00021239 ¯ ZIP ¯ res/drawable-hdpi-v4/abc_ic_menu_share_mtrl_alpha.png - error reading archive

C:\DrFoneForAndroid\00021244 ¯ ZIP ¯ res/drawable-mdpi-v4/ic_share_white.png - error reading archive

C:\DrFoneForAndroid\00021250 ¯ ZIP ¯ res/drawable-xxhdpi-v4/ic_search_mic_out.png - error reading archive

C:\DrFoneForAndroid\00021256 ¯ ZIP ¯ res/drawable-mdpi-v4/ic_open_on_phone.png - error reading archive

C:\DrFoneForAndroid\00021260 ¯ ZIP ¯ classes3.dex - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00021260 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00021300 ¯ ZIP ¯ res/drawable-hdpi-v4/common_signin_btn_text_pressed_light.9.png - error reading archive

C:\DrFoneForAndroid\00021303 ¯ ZIP ¯ lib/x86/libjlibtorrent.so - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00021303 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00021306 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00021312 ¯ ZIP ¯ res/drawable-hdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png - error reading archive

C:\DrFoneForAndroid\00021315 ¯ ZIP ¯ res/drawable-xhdpi-v4/mb_pause.png - error reading archive

C:\DrFoneForAndroid\00021338 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00021352 ¯ ZIP ¯ assets/www/img/small/rumpRoaster.png - error reading archive

C:\DrFoneForAndroid\00021354 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00021362 ¯ ZIP ¯ res/drawable-hdpi-v4/abc_list_selector_disabled_holo_dark.9.png - error reading archive

C:\DrFoneForAndroid\00021372 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023419 ¯ ZIP ¯ tv_lite.json - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00023419 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00023443 ¯ ZIP ¯ res/drawable-hdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png - error reading archive

C:\DrFoneForAndroid\00023446 ¯ ZIP ¯ res/drawable-xhdpi-v4/mb_pause.png - error reading archive

C:\DrFoneForAndroid\00023505 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023507 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023513 ¯ ZIP ¯ res/drawable-hdpi-v4/com_facebook_loginbutton_blue_focused.png - error reading archive

C:\DrFoneForAndroid\00023516 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023519 ¯ ZIP ¯ lib/x86_64/libuptsmaddon.so - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00023522 ¯ ZIP ¯ lib/armeabi/libwsm2.so - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00023522 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00023547 ¯ ZIP ¯ res/drawable-xxxhdpi-v4/ic_location_grey600_18dp.png - error reading archive

C:\DrFoneForAndroid\00023552 ¯ ZIP ¯ resources.arsc - error reading archive

C:\DrFoneForAndroid\00023574 ¯ ZIP ¯ lib/armeabi/libhogweed.so - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00023574 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00023587 ¯ ZIP ¯ res/drawable-xhdpi-v4/tp_networklogo_interac_color_98x97dp.png - error reading archive

C:\DrFoneForAndroid\00023589 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023592 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023594 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023596 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023599 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023604 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023605 ¯ ZIP ¯ res/drawable/setupwizard_account_button_dark_tft.9.png - error reading archive

C:\DrFoneForAndroid\00023606 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023610 ¯ ZIP ¯ res/drawable-xhdpi-v4/abc_list_focused_holo.9.png - error reading archive

C:\DrFoneForAndroid\00023611 ¯ ZIP ¯ res/drawable-xhdpi-v4/ic_mr_button_connecting_18_light.png - error reading archive

C:\DrFoneForAndroid\00023614 ¯ ZIP ¯ res/drawable-xhdpi-v4/quantum_ic_more_vert_grey600_24.png - error reading archive

C:\DrFoneForAndroid\00023641 ¯ ZIP ¯ res/drawable-nodpi-v4/list_card_footer_bg.9.png - error reading archive

C:\DrFoneForAndroid\00023646 ¯ ZIP ¯ res/drawable-hdpi-v4/ic_menu_wish_movies_off.png - error reading archive

C:\DrFoneForAndroid\00023651 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00023656 ¯ ZIP ¯ res/drawable-xhdpi-v4/common_google_signin_btn_text_dark_normal.9.png - error reading archive

C:\DrFoneForAndroid\00023658 ¯ ZIP ¯ res/drawable-xhdpi-v4/ic_mr_button_disabled_light.png - error reading archive

C:\DrFoneForAndroid\00023660 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023663 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023665 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023667 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023670 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023683 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023684 ¯ ZIP ¯ res/drawable/setupwizard_account_button_dark_tft.9.png - error reading archive

C:\DrFoneForAndroid\00023685 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023686 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00023690 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00023700 ¯ ZIP ¯ - archive damaged

C:\DrFoneForAndroid\00023733 ¯ ZIP ¯ classes.dex - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00023738 ¯ ZIP ¯ assets/raw_fileset/branded-icons/branded-icons-1.0-48x48/gas-stations/8325_48X48.png - error reading archive

C:\DrFoneForAndroid\00023742 ¯ ZIP ¯ assets/raw_fileset/filesets/navigation/voices/aac/enUS-female-5-aac-v3/for-about+two+miles.aac - error reading archive

C:\DrFoneForAndroid\00023750 ¯ ZIP ¯ assets/raw_fileset/filesets/navigation/voices/aac/enUS-female-5-aac-v3/three-quarters.aac - error reading archive

C:\DrFoneForAndroid\00023770 ¯ ZIP ¯ assets/raw_fileset/filesets/navigation/voices/aac/enUS-male-3-aac-v3/use+the+left-7-lanes.aac - error reading archive

C:\DrFoneForAndroid\00023774 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023776 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023791 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023792 ¯ ZIP ¯ res/drawable-mdpi-v4/ic_near_me_googblue_14.png - error reading archive

C:\DrFoneForAndroid\00023793 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023796 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023802 ¯ ZIP ¯ res/drawable-xhdpi-v4/ic_paper_sizes.png - error reading archive

C:\DrFoneForAndroid\00023813 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023818 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023824 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023934 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023938 ¯ ZIP ¯ - error reading archive

C:\DrFoneForAndroid\00023940 ¯ ZIP ¯ res/drawable-xxxhdpi-v4/hs__chat_notif.png - error reading archive

C:\DrFoneForAndroid\00023941 ¯ ZIP ¯ lib/armeabi-v7a/libpfgame.so - archive damaged - the file could not be extracted.

C:\DrFoneForAndroid\00023941 ¯ ZIP ¯ - archive damaged

C:\hiberfil.sys - error opening [4]

C:\pagefile.sys - error opening [4]

C:\Program Files (x86)\Cox\Drag and Drop Backup\LogicNP.EZNamespaceExtensions.dll ¯ CRYPTOOBFUSCATOR - unpack error

C:\Program Files (x86)\Cox\Drag and Drop Backup\LogicNP.EZShellExtensions.dll ¯ CRYPTOOBFUSCATOR - unpack error

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ PowerStarter.ico - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_1028.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_1030.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_1031.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_1033.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_1034.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_1036.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_1040.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_1041.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_1042.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_1043.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_2052.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_4100.TXT - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_ara.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_bgr.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_csy.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_ell.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_Eti.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_fin.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_heb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_Hrv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_hun.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_Lvi.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_nor.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_plk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_ptb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_ptg.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_rom.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_rus.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_sky.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_Slv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_sve.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_Tha.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ lic_trk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ MUI_Lang.ini - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ Compress.log - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ TaskScheduler.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ CLScan.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ GetDXVer.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ GetSTime.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ Helper.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ HwCtrlMgr.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ RegKey64Bit.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ Rpc2.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\SupportFiles.7z ¯ 7ZIP ¯ UNO.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ PhotoDirector.ico - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_1028.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_1030.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_1031.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_1033.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_1034.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_1036.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_1040.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_1041.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_1042.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_1043.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_2052.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_4100.TXT - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_ara.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_bgr.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_csy.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_ell.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_Eti.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_fin.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_heb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_Hrv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_hun.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_Lvi.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_nor.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_plk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_ptb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_ptg.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_rom.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_rus.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_sky.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_slv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_sve.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_Tha.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ lic_trk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ MUI_Lang.ini - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ Compress.log - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ TaskScheduler.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ CLScan.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ GetDXVer.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ GetSTime.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ Helper.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ HwCtrlMgr.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ RegKey64Bit.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ Rpc2.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{39337565-330E-4ab6-A9AE-AC81E0720B10}\SupportFiles.7z ¯ 7ZIP ¯ UNO.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ Product.ico - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ lic_1028.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ lic_1030.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ lic_1031.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ lic_1033.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ lic_1034.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ lic_1036.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ lic_1040.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ lic_1041.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ lic_1042.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ lic_1043.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ lic_2052.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ lic_4100.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ SimEditor.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ APIfor64Bit.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ BurningSM.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ CLScan.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ CountryChk.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ DivX.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ EnableCDin.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ ForwardCDKey.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ GetDXver.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ GetSTime.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ HPDUtil.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ HwCtrlMgr.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ MFC71.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ msvcp71.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ msvcr71.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ RegKey64Bit.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ Rpc2.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ sim.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ SKUtil.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ UNO.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\SupportFiles.7z ¯ 7ZIP ¯ VistaAudio.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunes Library.itlp/DBTemp/.status-com.apple.itdprep.command.runPostProcessing - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AboutForm.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror2.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror3.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AppManager.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/BackupRestore.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectBackground.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Connecting.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectPage.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectToUSB.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ContactsManager.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls2.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/DeviceInfo.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/DeviceInfoBkg.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/facebook-twitter.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/facebookbackground.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FileManager.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00000.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00001.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00002.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00003.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00004.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00005.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00006.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00007.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00008.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00009.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00010.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00011.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00012.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00013.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00014.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00015.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00016.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00017.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00018.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00019.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00020.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00021.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00022.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00023.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00024.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00025.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00026.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00027.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00028.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00029.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00030.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00031.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00032.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00033.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00034.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00035.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00036.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00037.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00038.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00039.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00040.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00041.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00042.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00043.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00044.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00045.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00046.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00047.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00048.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00049.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ftload.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/GooglePlay.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/GooglePlay.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/icon.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Install.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/InstallDaemon.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/iOSConnecting.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/IosControl.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/IosManager.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/iOSUSBFail.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Main.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MessageBox.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MGIOSNew.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MusicManager.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Navigate.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Navigator.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newcontrols.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewiOSControl.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewiOSOther.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newothers.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewPhotos.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newskinform.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Numbers.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/OnlineResDown.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/OpenMG.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Others.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhoneTransfer.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhoneTransferNew.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhotoForm.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhotoManager.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/pic.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PrivacyMainpage.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Reconnect.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/RegisterForm.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ResManager.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/robot.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SearchContacts.gif - archive damaged - the file could not be extracted.

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SkinForm.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/sleep.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SmsManager.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SpaceAndMediaManager.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SpaceCleanScanFlash.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SuperTool.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SymbianGuide.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/TakeQRCode.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ToolBox.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/toolbox_icon.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Transfer.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Transfer.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/TransferState.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/twitterbackground.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/USBFail.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/VideoManager.xml - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ViewStyle.png - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Chinese.dat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ ChineseTrad.dat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ English.dat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ French.dat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ German.dat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Italiano.dat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Japanese.dat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Portuguese.dat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Spanish.dat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandnetbus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgusbbus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/massfilter_hs.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgp.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgpfl.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motswch.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/N06CBus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/PSKTBus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0bus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0whnt.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadbus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadwhnt.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaebus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaewhnt.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssudbus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/usb.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WdfCoInstaller01009.dll - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WinUSBCoInstaller2.dll - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/wsadb.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgp.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motswch.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/N06CBus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/PSKTBus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0bus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadbus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaebus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssudbus.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usb.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usbccgp.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/wsadb.sys - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ psktbus.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ PSKTBus.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.inf - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.cat - error - password-protected file

C:\ProgramData\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.inf - error - password-protected file

C:\ProgramData\Kaspersky Lab\KSS4\DataRoot\data\sfdb.dat - error opening [4]

C:\ProgramData\Kaspersky Lab\KSS4\DataRoot\data\sfdb_md5.dat - error opening [4]

C:\ProgramData\Kaspersky Lab Setup Files\KSS16.0.0.1344.0.36.0\kss.msi ¯ MSI ¯ KSS.cab ¯ CAB ¯ ushata.dll - is OK

C:\ProgramData\Microsoft\Network\Downloader\edb.log - error opening [4]

C:\ProgramData\Microsoft\Network\Downloader\qmgr.db - error opening [4]

C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm - error opening [4]

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.jtx - error opening [4]

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb - error opening [4]

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.jfm - error opening [4]

C:\ProgramData\Microsoft\Windows\LfSvc\Geofence\GeofenceApplicationID.dat - error opening [4]

C:\ProgramData\Oracle\Java\installcache\baseimagefam8 ¯ ZIP ¯ lib/rt.pack ¯ PACK200 - archive damaged

C:\swapfile.sys - error opening [4]

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ PowerStarter.ico - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1028.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1030.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1031.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1033.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1034.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1036.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1040.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1041.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1042.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1043.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_2052.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_4100.TXT - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ara.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_bgr.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_csy.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ell.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Eti.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_fin.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_heb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Hrv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_hun.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Lvi.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_nor.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_plk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ptb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ptg.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_rom.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_rus.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_sky.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Slv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_sve.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Tha.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ lic_trk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ MUI_Lang.ini - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ Compress.log - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ TaskScheduler.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ CLScan.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ GetDXVer.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ GetSTime.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ Helper.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ HwCtrlMgr.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ RegKey64Bit.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ Rpc2.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\MediaSuite\10.0.4.3003\src\SupportFiles.7z ¯ 7ZIP ¯ UNO.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ P2G.ico - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1028.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1030.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1031.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1033.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1034.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1036.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1040.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1041.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1042.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1043.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_2052.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_4100.TXT - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ara.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_bgr.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_csy.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ell.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Eti.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_fin.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_heb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Hrv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_hun.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Lvi.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_nor.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_plk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ptb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ptg.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_rom.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_rus.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_sky.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Slv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_sve.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Tha.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ lic_trk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ MUI_Lang.ini - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ Compress.log - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ TaskScheduler.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ CLScan.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ GetDXVer.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ GetSTime.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ Helper.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ HwCtrlMgr.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ HwCtrlMgr_HP.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ RegKey64Bit.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ Rpc2.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\Power2Go\8.0.4.2921\src\SupportFiles.7z ¯ 7ZIP ¯ UNO.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\Data1.cab ¯ CAB ¯ _258967F3F2E1469FB3BCB69BEB47CD8B - is OK

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ Product.ico - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1028.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1030.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1031.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1033.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1034.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1036.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1040.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1041.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1042.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1043.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_2052.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_4100.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ SimEditor.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ APIfor64Bit.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ BurningSM.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ CLScan.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ CountryChk.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ DivX.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ EnableCDin.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ ForwardCDKey.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ GetDXver.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ GetSTime.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ HPDUtil.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ HwCtrlMgr.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ MFC71.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ msvcp71.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ msvcr71.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ RegKey64Bit.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ Rpc2.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ sim.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ SKUtil.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ UNO.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDirector\10.0.4.3007\src\SupportFiles.7z ¯ 7ZIP ¯ VistaAudio.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ PowerDVD12.ico - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1028.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1030.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1031.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1033.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1034.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1036.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1040.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1041.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1042.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1043.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_2052.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_4100.TXT - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ara.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_bgr.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_csy.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ell.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Eti.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_fin.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_heb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Hrv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_hun.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Lvi.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_nor.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_plk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ptb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ptg.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_rom.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_rus.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_sky.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Slv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_sve.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Tha.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ lic_trk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ MUI_Lang.ini - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ Compress.log - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ TaskScheduler.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ CLScan.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ GetDXVer.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ GetSTime.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ Helper.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ HwCtrlMgr.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ RegKey64Bit.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ Rpc2.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Applications\CyberLink\PowerDVD\12.0.1.3007\src\SupportFiles.7z ¯ 7ZIP ¯ UNO.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ PhotoDirector.ico - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1028.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1030.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1031.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1033.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1034.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1036.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1040.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1041.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1042.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1043.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_2052.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_4100.TXT - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ara.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_bgr.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_csy.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ell.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Eti.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_fin.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_heb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Hrv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_hun.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Lvi.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_nor.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_plk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ptb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ptg.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_rom.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_rus.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_sky.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_slv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_sve.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Tha.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ lic_trk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ MUI_Lang.ini - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ Compress.log - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ TaskScheduler.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ CLScan.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ GetDXVer.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ GetSTime.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ Helper.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ HwCtrlMgr.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ RegKey64Bit.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ Rpc2.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\APP\Solutions\CyberLink\PhotoDirector\3.0.2.4016\src\SupportFiles.7z ¯ 7ZIP ¯ UNO.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ PhotoDirector.ico - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe.manifest - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1028.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1030.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1031.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1033.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1034.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1036.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1040.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1041.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1042.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_1043.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_2052.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_4100.TXT - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ara.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_bgr.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_csy.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ell.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Eti.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_fin.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_heb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Hrv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_hun.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Lvi.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_nor.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_plk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ptb.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_ptg.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_rom.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_rus.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_sky.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_slv.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_sve.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_Tha.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ lic_trk.txt - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ MUI_Lang.ini - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ Compress.log - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ MsiZap.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ PostBuild.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ TaskScheduler.exe - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ CLScan.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ GetDXVer.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ GetSTime.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ Helper.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ HwCtrlMgr.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ RegKey64Bit.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ Rpc2.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\SWSETUP\sp64077\src\SupportFiles.7z ¯ 7ZIP ¯ UNO.dll - Incorrect file checksum (CRC); the file is probably password protected.

C:\Users\AIRWORX 2\AppData\Local\Dropbox\Dropbox.exe.log - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Dropbox\QuitReports\b781f421-e3c5-41aa-8669-eb08fc154740.dbt - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 10\Current Session - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Microsoft\Windows\Notifications\WPNPRMRY.tmp - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Microsoft\Windows\UsrClass.dat - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Microsoft\Windows\WebCache\V01.log - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Microsoft\Windows\WebCacheLock.dat - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat.LOG1 - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat.LOG2 - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\settings.dat - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\settings.dat.LOG1 - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\settings.dat.LOG2 - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\Temp\Temp1_cbSetup.exe.zip\cbSetup.exe ¯ ZIP ¯ cbDecompressor.exe - is OK

C:\Users\AIRWORX 2\AppData\Local\Temp\Temp1_cbSetup.exe.zip\cbSetup.exe ¯ ZIP ¯ cbEngine.dll - is OK

C:\Users\AIRWORX 2\AppData\Local\Temp\Temp1_DVR-H9116uvdh.zip\H9116uvdh\Video_Client_ZMODO_ENG_V1.1.3_20110817_854.exe ¯ ADVANCEDINSTALLER - archive damaged

C:\Users\AIRWORX 2\AppData\Local\Temp\Temp1_ta16az1040.exe.zip\ta16az1040.exe ¯ INDIGOROSE - error reading archive

C:\Users\AIRWORX 2\AppData\Local\Temp\Temp1_ta16stplus.exe.zip\ta16stplus.exe ¯ INDIGOROSE - error reading archive

C:\Users\AIRWORX 2\AppData\Local\Temp\Temp2_DVR-H9116uvdh.zip\H9116uvdh\Video_Client_ZMODO_ENG_V1.1.3_20110817_854.exe ¯ ADVANCEDINSTALLER - archive damaged

C:\Users\AIRWORX 2\AppData\Local\TileDataLayer\Database\EDB.log - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\TileDataLayer\Database\vedatamodel.edb - error opening [4]

C:\Users\AIRWORX 2\AppData\Local\TileDataLayer\Database\vedatamodel.jfm - error opening [4]

C:\Users\AIRWORX 2\AppData\Roaming\Belkasoft\Evidence Center\New case (2017.06.27 08_31_06)\New case (2017.06.27 08 31 06)\64\embeddedfile\596.docx ¯ OFFICECRYPTOGRAPHY - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Belkasoft\Evidence Center\New case (2017.06.27 08_31_06)\New case (2017.06.27 08 31 06)\65\embeddedfile\8\386.docx ¯ OFFICECRYPTOGRAPHY - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandnetbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgusbbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/massfilter_hs.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgp.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgpfl.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motswch.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/N06CBus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/PSKTBus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0bus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0whnt.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadwhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaebus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaewhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssudbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/usb.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WdfCoInstaller01009.dll - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WinUSBCoInstaller2.dll - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/wsadb.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgp.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motswch.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/N06CBus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/PSKTBus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0bus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaebus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssudbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usb.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usbccgp.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/wsadb.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ psktbus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ PSKTBus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandnetbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgusbbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/massfilter_hs.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgp.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgpfl.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motswch.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/N06CBus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/PSKTBus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0bus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0whnt.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadwhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaebus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaewhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssudbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/usb.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WdfCoInstaller01009.dll - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WinUSBCoInstaller2.dll - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/wsadb.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgp.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motswch.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/N06CBus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/PSKTBus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0bus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaebus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssudbus.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usb.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usbccgp.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/wsadb.sys - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ psktbus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ PSKTBus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.inf - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.cat - error - password-protected file

C:\Users\AIRWORX 2\AppData\Roaming\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Belkasoft\Evidence Center\New case (2017.06.27 08_31_06)\New case (2017.06.27 08 31 06)\64\embeddedfile\596.docx ¯ OFFICECRYPTOGRAPHY - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Belkasoft\Evidence Center\New case (2017.06.27 08_31_06)\New case (2017.06.27 08 31 06)\65\embeddedfile\8\386.docx ¯ OFFICECRYPTOGRAPHY - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandnetbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgusbbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/massfilter_hs.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgp.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgpfl.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motswch.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/N06CBus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/PSKTBus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0bus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0whnt.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadwhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaebus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaewhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssudbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/usb.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WdfCoInstaller01009.dll - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WinUSBCoInstaller2.dll - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/wsadb.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgp.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motswch.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/N06CBus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/PSKTBus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0bus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaebus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssudbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usb.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usbccgp.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/wsadb.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ psktbus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ PSKTBus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\DrFoneAndroidTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandnetbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgusbbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/massfilter_hs.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgp.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgpfl.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motswch.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/N06CBus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/PSKTBus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0bus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0whnt.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadwhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaebus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaewhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssudbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/usb.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WdfCoInstaller01009.dll - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WinUSBCoInstaller2.dll - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/wsadb.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgp.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motswch.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/N06CBus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/PSKTBus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0bus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaebus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssudbus.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usb.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usbccgp.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/wsadb.sys - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ psktbus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ PSKTBus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.inf - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.cat - error - password-protected file

C:\Users\AIRWORX 2\Application Data\Wondershare\MobileTransTool\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.inf - error - password-protected file

C:\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu.iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw-pxe.ncf ¯ ZIP ¯ T1:X3_101115_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt - error - password-protected file

C:\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu.iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw-pxe.ncf ¯ ZIP ¯ T1A:X3_101115_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt - error - password-protected file

C:\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu.iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw.ncf ¯ ZIP ¯ T1:X3_101025_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt - error - password-protected file

C:\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu.iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw.ncf ¯ ZIP ¯ T1A:X3_101025_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt - error - password-protected file

C:\Users\AIRWORX 2\Desktop\DVR-H9116uvdh.zip ¯ ZIP ¯ H9116uvdh/Video_Client_ZMODO_ENG_V1.1.3_20110817_854.exe ¯ ADVANCEDINSTALLER - archive damaged

C:\Users\AIRWORX 2\Desktop\MicrosoftInstaller.exe ¯ CAB ¯ officesuitewwsp1-x-none.msp - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)

C:\Users\AIRWORX 2\Downloads\cbSetup.exe ¯ ZIP ¯ cbDecompressor.exe - is OK

C:\Users\AIRWORX 2\Downloads\cbSetup.exe ¯ ZIP ¯ cbEngine.dll - is OK

C:\Users\AIRWORX 2\Downloads\Drag and Drop Backup-2.1.33-prod.msi ¯ MSI ¯ _5A8F4492F0A005EE4C470B8FA9B98D08 ¯ CAB ¯ _17C8C8385D0B8761CA35A22B90A0A0F1.5C7D6400ACF34A958BC9D1EDA2376E81 ¯ CRYPTOOBFUSCATOR - unpack error

C:\Users\AIRWORX 2\Downloads\Drag and Drop Backup-2.1.33-prod.msi ¯ MSI ¯ _5A8F4492F0A005EE4C470B8FA9B98D08 ¯ CAB ¯ _BACA9259EBDC6C3F6602410B1137C4DF.5C7D6400ACF34A958BC9D1EDA2376E81 ¯ CRYPTOOBFUSCATOR - unpack error

C:\Users\AIRWORX 2\Downloads\ta16az1040.exe ¯ INDIGOROSE - error reading archive

C:\Users\AIRWORX 2\Downloads\ta16stplus.exe ¯ INDIGOROSE - error reading archive

C:\Users\AIRWORX 2\Downloads\Training Doc.zip.nrdzk20.partial ¯ ZIP ¯ DSCF0041.AVI - error reading archive

C:\Users\AIRWORX 2\Dropbox\Allen-Shared\CosmicJump_163671_DPMA_GUI_536.msi ¯ MSI ¯ Binary.RMMSetup.exe ¯ INDIGOROSE - error reading archive

C:\Users\AIRWORX 2\Dropbox\Cosmic Jump (1)\RMM-Scanning-Tool.exe ¯ INDIGOROSE - error reading archive

C:\Users\AIRWORX 2\Dropbox (Cosmic Jump AIRWORX)\Allen-Shared\CosmicJump_163671_DPMA_GUI_536.msi ¯ MSI ¯ Binary.RMMSetup.exe ¯ INDIGOROSE - error reading archive

C:\Users\AIRWORX 2\Dropbox (Cosmic Jump AIRWORX)\Cosmic Jump (1)\RMM-Scanning-Tool.exe ¯ INDIGOROSE - error reading archive

C:\Users\AIRWORX 2\Local Settings\Dropbox\Dropbox.exe.log - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Dropbox\QuitReports\b781f421-e3c5-41aa-8669-eb08fc154740.dbt - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Google\Chrome\User Data\Profile 10\Current Session - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Google\Chrome\User Data\Profile 10\Current Tabs - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{1F655266-75FA-11E7-BF17-A4DB308C6CA7}.dat - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Microsoft\Windows\Notifications\WPNPRMRY.tmp - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Microsoft\Windows\UsrClass.dat - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Microsoft\Windows\UsrClass.dat.LOG1 - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Microsoft\Windows\UsrClass.dat.LOG2 - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Microsoft\Windows\WebCache\V01.log - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Microsoft\Windows\WebCache\V01tmp.log - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Microsoft\Windows\WebCache\WebCacheV01.dat - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Microsoft\Windows\WebCache\WebCacheV01.jfm - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Microsoft\Windows\WebCacheLock.dat - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat.LOG1 - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\Settings\settings.dat.LOG2 - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\settings.dat - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\settings.dat.LOG1 - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\Settings\settings.dat.LOG2 - error opening [4]

C:\Users\AIRWORX 2\Local Settings\Temp\Temp1_cbSetup.exe.zip\cbSetup.exe ¯ ZIP ¯ cbDecompressor.exe - is OK

C:\Users\AIRWORX 2\Local Settings\Temp\Temp1_cbSetup.exe.zip\cbSetup.exe ¯ ZIP ¯ cbEngine.dll - is OK

C:\Users\AIRWORX 2\Local Settings\Temp\Temp1_DVR-H9116uvdh.zip\H9116uvdh\Video_Client_ZMODO_ENG_V1.1.3_20110817_854.exe ¯ ADVANCEDINSTALLER - archive damaged

C:\Users\AIRWORX 2\Local Settings\Temp\Temp1_ta16az1040.exe.zip\ta16az1040.exe ¯ INDIGOROSE - error reading archive

C:\Users\AIRWORX 2\Local Settings\Temp\Temp1_ta16stplus.exe.zip\ta16stplus.exe ¯ INDIGOROSE - error reading archive

C:\Users\AIRWORX 2\Local Settings\Temp\Temp2_DVR-H9116uvdh.zip\H9116uvdh\Video_Client_ZMODO_ENG_V1.1.3_20110817_854.exe ¯ ADVANCEDINSTALLER - archive damaged

C:\Users\AIRWORX 2\Local Settings\Temporary Internet Files\Content.MSO\E2E63316\mso.snt - error opening [4]

C:\Users\AIRWORX 2\Local Settings\TileDataLayer\Database\EDB.log - error opening [4]

C:\Users\AIRWORX 2\Local Settings\TileDataLayer\Database\vedatamodel.edb - error opening [4]

C:\Users\AIRWORX 2\Local Settings\TileDataLayer\Database\vedatamodel.jfm - error opening [4]

C:\Users\AIRWORX 2\NTUSER.DAT - error opening [4]

C:\Users\AIRWORX 2\ntuser.dat.LOG1 - error opening [4]

C:\Users\AIRWORX 2\ntuser.dat.LOG2 - error opening [4]

C:\Users\AIRWORX 2\OneDrive\L5_8.pdf - error opening [4]

C:\Users\AIRWORX 2\OneDrive\Level 4 - 7 year olds team.pdf - error opening [4]

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunes Library.itlp/DBTemp/.status-com.apple.itdprep.command.runPostProcessing - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AboutForm.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror2.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror3.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AppManager.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/BackupRestore.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectBackground.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Connecting.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectPage.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectToUSB.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ContactsManager.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls2.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/DeviceInfo.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/DeviceInfoBkg.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/facebook-twitter.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/facebookbackground.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FileManager.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00000.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00001.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00002.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00003.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00004.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00005.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00006.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00007.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00008.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00009.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00010.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00011.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00012.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00013.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00014.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00015.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00016.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00017.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00018.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00019.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00020.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00021.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00022.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00023.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00024.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00025.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00026.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00027.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00028.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00029.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00030.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00031.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00032.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00033.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00034.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00035.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00036.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00037.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00038.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00039.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00040.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00041.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00042.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00043.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00044.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00045.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00046.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00047.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00048.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00049.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ftload.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/GooglePlay.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/GooglePlay.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/icon.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Install.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/InstallDaemon.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/iOSConnecting.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/IosControl.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/IosManager.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/iOSUSBFail.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Main.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MessageBox.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MGIOSNew.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MusicManager.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Navigate.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Navigator.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newcontrols.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewiOSControl.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewiOSOther.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newothers.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewPhotos.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newskinform.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Numbers.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/OnlineResDown.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/OpenMG.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Others.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhoneTransfer.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhoneTransferNew.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhotoForm.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhotoManager.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/pic.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PrivacyMainpage.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Reconnect.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/RegisterForm.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ResManager.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/robot.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SearchContacts.gif - archive damaged - the file could not be extracted.

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SkinForm.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/sleep.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SmsManager.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SpaceAndMediaManager.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SpaceCleanScanFlash.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SuperTool.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SymbianGuide.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/TakeQRCode.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ToolBox.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/toolbox_icon.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Transfer.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Transfer.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/TransferState.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/twitterbackground.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/USBFail.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/VideoManager.xml - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ViewStyle.png - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Chinese.dat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ ChineseTrad.dat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ English.dat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ French.dat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ German.dat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Italiano.dat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Japanese.dat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Portuguese.dat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Spanish.dat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandnetbus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgusbbus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/massfilter_hs.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgp.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgpfl.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motswch.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/N06CBus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/PSKTBus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0bus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0whnt.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadbus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadwhnt.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaebus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaewhnt.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssudbus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/usb.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WdfCoInstaller01009.dll - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WinUSBCoInstaller2.dll - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/wsadb.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgp.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motswch.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/N06CBus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/PSKTBus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0bus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadbus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaebus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssudbus.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usb.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usbccgp.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/wsadb.sys - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ psktbus.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ PSKTBus.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.inf - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.cat - error - password-protected file

C:\Users\All Users\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.inf - error - password-protected file

C:\Users\All Users\Kaspersky Lab\KSS4\DataRoot\data\sfdb.dat - error opening [4]

C:\Users\All Users\Kaspersky Lab\KSS4\DataRoot\data\sfdb_md5.dat - error opening [4]

C:\Users\All Users\Kaspersky Lab Setup Files\KSS16.0.0.1344.0.36.0\kss.msi ¯ MSI ¯ KSS.cab ¯ CAB ¯ ushata.dll - is OK

C:\Users\All Users\Microsoft\Network\Downloader\edb.log - error opening [4]

C:\Users\All Users\Microsoft\Network\Downloader\qmgr.db - error opening [4]

C:\Users\All Users\Microsoft\Network\Downloader\qmgr.jfm - error opening [4]

C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\edb.jtx - error opening [4]

C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Windows.edb - error opening [4]

C:\Users\All Users\Microsoft\Search\Data\Applications\Windows\Windows.jfm - error opening [4]

C:\Users\All Users\Microsoft\Windows\LfSvc\Geofence\GeofenceApplicationID.dat - error opening [4]

C:\Users\All Users\Oracle\Java\installcache\baseimagefam8 ¯ ZIP ¯ lib/rt.pack ¯ PACK200 - archive damaged

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunes Library.itlp/DBTemp/.status-com.apple.itdprep.command.runPostProcessing - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AboutForm.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror2.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AndroidMirror3.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AppManager.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/BackupRestore.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectBackground.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Connecting.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectPage.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ConnectToUSB.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ContactsManager.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Controls2.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/DeviceInfo.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/DeviceInfoBkg.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/facebook-twitter.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/facebookbackground.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FileManager.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00000.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00001.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00002.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00003.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00004.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00005.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00006.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00007.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00008.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00009.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00010.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00011.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00012.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00013.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00014.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00015.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00016.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00017.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00018.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00019.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00020.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00021.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00022.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00023.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00024.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00025.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00026.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00027.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00028.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00029.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00030.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00031.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00032.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00033.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00034.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00035.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00036.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00037.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00038.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00039.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00040.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00041.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00042.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00043.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00044.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00045.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00046.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00047.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00048.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/FlashForm/Final1_00049.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ftload.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/GooglePlay.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/GooglePlay.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/icon.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Install.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/InstallDaemon.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/iOSConnecting.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/IosControl.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/IosManager.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/iOSUSBFail.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Main.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MessageBox.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MGIOSNew.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/MusicManager.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Navigate.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Navigator.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newcontrols.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewiOSControl.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewiOSOther.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newothers.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/NewPhotos.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/newskinform.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Numbers.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/OnlineResDown.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/OpenMG.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Others.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhoneTransfer.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhoneTransferNew.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhotoForm.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PhotoManager.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/pic.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/PrivacyMainpage.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Reconnect.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/RegisterForm.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ResManager.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/robot.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SearchContacts.gif - archive damaged - the file could not be extracted.

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SkinForm.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/sleep.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SmsManager.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SpaceAndMediaManager.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SpaceCleanScanFlash.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SuperTool.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/SymbianGuide.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/TakeQRCode.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ToolBox.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/toolbox_icon.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Transfer.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/Transfer.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/TransferState.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/twitterbackground.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/USBFail.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/VideoManager.xml - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/ViewStyle.png - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Chinese.dat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ ChineseTrad.dat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ English.dat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ French.dat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ German.dat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Italiano.dat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Japanese.dat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Portuguese.dat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Spanish.dat - error - password-protected file

#67
BrandiCopas

Posted 01 August 2017 - 09:40 AM

Member

Topic Starter
Member
79 posts

Last bit of eset

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandnetbus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgusbbus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/massfilter_hs.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgp.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motccgpfl.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/motswch.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/N06CBus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/PSKTBus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0bus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/shu0whnt.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadbus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssadwhnt.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaebus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssaewhnt.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/ssudbus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/usb.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WdfCoInstaller01009.dll - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/WinUSBCoInstaller2.dll - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/wsadb.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidusb.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ androidwinusb.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ generaladb.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgp.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motswch.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/N06CBus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/PSKTBus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0bus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadbus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaebus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssudbus.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usb.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/usbccgp.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/wsadb.sys - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandbus.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetadb.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgandnetbus.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ lgusbbus.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ motccgp.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ N06CBus.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ psktbus.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ PSKTBus.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ shu0bus.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssadbus.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssaebus.inf - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.cat - error - password-protected file

C:\Users\Public\Documents\Wondershare\mobilego_full818.exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ ssudbus.inf - error - password-protected file

C:\Windows\appcompat\Programs\Amcache.hve - error opening [4]

C:\Windows\appcompat\Programs\Amcache.hve.LOG1 - error opening [4]

C:\Windows\appcompat\Programs\Amcache.hve.LOG2 - error opening [4]

C:\Windows\Installer\1431c9b4.msi ¯ MSI ¯ _5A8F4492F0A005EE4C470B8FA9B98D08 ¯ CAB ¯ _17C8C8385D0B8761CA35A22B90A0A0F1.5C7D6400ACF34A958BC9D1EDA2376E81 ¯ CRYPTOOBFUSCATOR - unpack error

C:\Windows\Installer\1431c9b4.msi ¯ MSI ¯ _5A8F4492F0A005EE4C470B8FA9B98D08 ¯ CAB ¯ _BACA9259EBDC6C3F6602410B1137C4DF.5C7D6400ACF34A958BC9D1EDA2376E81 ¯ CRYPTOOBFUSCATOR - unpack error

C:\Windows\Installer\55e70b.msi ¯ MSI ¯ KSS.cab ¯ CAB ¯ ushata.dll - is OK

C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT - error opening [4]

C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 - error opening [4]

C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2 - error opening [4]

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-e61bcdba.exe ¯ CAB ¯ mpasbase.vdm - archive damaged - the file could not be extracted.

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-e61bcdba.exe ¯ CAB ¯ mpengine.dll - error reading archive

C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT - error opening [4]

C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 - error opening [4]

C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2 - error opening [4]

C:\Windows\System32\config\BBI - error opening [4]

C:\Windows\System32\config\BBI.LOG1 - error opening [4]

C:\Windows\System32\config\BBI.LOG2 - error opening [4]

C:\Windows\System32\config\DEFAULT - error opening [4]

C:\Windows\System32\config\DEFAULT.LOG1 - error opening [4]

C:\Windows\System32\config\DEFAULT.LOG2 - error opening [4]

C:\Windows\System32\config\RegBack\DEFAULT - error opening [4]

C:\Windows\System32\config\RegBack\SAM - error opening [4]

C:\Windows\System32\config\RegBack\SECURITY - error opening [4]

C:\Windows\System32\config\RegBack\SOFTWARE - error opening [4]

C:\Windows\System32\config\RegBack\SYSTEM - error opening [4]

C:\Windows\System32\config\SAM - error opening [4]

C:\Windows\System32\config\SAM.LOG1 - error opening [4]

C:\Windows\System32\config\SAM.LOG2 - error opening [4]

C:\Windows\System32\config\SECURITY - error opening [4]

C:\Windows\System32\config\SECURITY.LOG1 - error opening [4]

C:\Windows\System32\config\SECURITY.LOG2 - error opening [4]

C:\Windows\System32\config\SOFTWARE - error opening [4]

C:\Windows\System32\config\SOFTWARE.LOG1 - error opening [4]

C:\Windows\System32\config\SOFTWARE.LOG2 - error opening [4]

C:\Windows\System32\config\SYSTEM - error opening [4]

C:\Windows\System32\config\SYSTEM.LOG1 - error opening [4]

C:\Windows\System32\config\SYSTEM.LOG2 - error opening [4]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Notifications\WPNPRMRY.tmp - error opening [4]

C:\Windows\System32\DriverStore\FileRepository\wceusbsh.inf_amd64_ed7e79d05f4c4512\wmupdate.msi ¯ MSI ¯ data.cab ¯ CAB ¯ Formdll.dll - is OK

C:\Windows\System32\LogFiles\WMI\LwtNetLog.etl - error opening [4]

C:\Windows\System32\LogFiles\WMI\Wifi.etl - error opening [4]

C:\Windows\Temp\APPX.5ns3fi3fmp29hup4qfwnn4a2b.tmp - error opening [4]

C:\Windows\Temp\APPX._yuixzg6_qsl_aswx0iupifsf.tmp - error opening [4]

C:\Windows\Temp\APPX.axc5c2_jesbhxusojjh2d4gee.tmp - error opening [4]

C:\Windows\Temp\APPX.dwj1m9ciondpkeu1lm55n2h3g.tmp - error opening [4]

C:\Windows\Temp\APPX.fiwjsdsn12_t76g_qf4wet8bb.tmp - error opening [4]

C:\Windows\Temp\APPX.m8_kc7hqq6mp6ee7n11yuay1c.tmp - error opening [4]

C:\Windows\Temp\APPX.uauho3c5k6fkyxn0jyfxltjib.tmp - error opening [4]

C:\Windows\Temp\APPX.yib0cvizf7jv_o51tenz1_xtd.tmp - error opening [4]

C:\Windows\Temp\ioc0585851B-9028-5548-B714-E63721F06227.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc190060CF-FEA8-F44B-BF7D-763A876A2F5B.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc1C55B069-123E-E640-A2F2-BD07715C3820.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc1D145718-7EA2-884A-90BE-373ACD5DB5A7.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc1EBFC92E-E7FD-4944-B5B3-2AADBCBD3A68.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc21099E62-0412-CD45-AE63-96083FAEAD60.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc21843129-A443-6B4E-8F43-6F64134B56AE.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc2F685B4C-DF66-EF4F-AB77-B76C5847E117.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc33CFD6EC-39DD-6F42-803B-725839E8256D.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc3804B15C-808E-DF4A-A987-765E16CB979B.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc55F97051-AEE6-3E4D-94C0-63E5AF281E82.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc56F47DC6-1FEA-6B4B-8CAA-7EDAFE62F4EE.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc5807729B-34AD-7148-BC47-A7DEFDD81776.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc5A49D31B-75E1-5946-95CE-E842D31F0C1D.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc6258F549-ED3A-EB41-BFF9-3F4090C8ADB4.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc69D87BCE-008D-1B42-ADD9-18CC495E66A6.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc6CB4472A-F435-3B48-8D58-D2E64A3173C9.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc7158B330-4D8F-F346-9C7B-DC153AAE88CB.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc717AB766-01E6-464C-A5DE-851E727ACFC9.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc76AC2F26-7026-1C47-A2D1-DEB5613A3939.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc771EFB2F-501D-044F-8307-5F1AE89BAA12.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc796AE1B4-2CA8-A04C-B307-D4D589EEE376.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc8349E797-BF14-1A48-A857-C01F9B0A956D.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc8787857C-116D-0848-AC94-24E8D6C97D81.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc8DBB3CB4-A99E-9E41-8E9C-14D284D1C944.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\ioc9CB415D5-B3EB-2149-AF7C-45091C756342.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocA12D01AA-DC50-B540-9B26-75F902186F4B.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocA341E045-EBDD-1145-96CE-FD5DE582454C.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocA56993DD-7109-DD42-B0AF-44C843836D72.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocB7436795-1585-F842-BE2F-9B83D8289E4C.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocB829FD91-AD96-7E40-8716-F6B5559CC56E.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocBE589079-DD4B-FC4D-8EB0-E89C00F43C7B.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocBF1BB6F1-83A9-ED4C-AF8F-BCDAC74C2AFC.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocC4779F82-D6B8-D941-A01C-42857B93DB68.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocC57BC4D0-E494-8E4C-9127-8F93BCE2FA7E.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocCD940C0B-99A6-6240-8FE2-E684F6A7C888.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocD48C24AE-FB92-2D49-8A2D-20C745E17E69.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocDDB69CDE-1A4B-C540-A174-37929B02038C.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocE5028D28-B30E-0F4E-9A6B-D1B4FAABA150.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocF0964DE9-B318-1A42-AD0D-E999843689AB.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocF145167C-0C93-B44D-80B5-8CB30BF92B8F.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

C:\Windows\Temp\iocF34AC79C-A21F-F74A-B950-7B8A53A017B3.htm - JS/Kryptik.BBC trojan - cleaned by deleting [1]

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu (2017_07_19 12_04_05 UTC).iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw-pxe.ncf ¯ ZIP ¯ T1:X3_101115_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu (2017_07_19 12_04_05 UTC).iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw-pxe.ncf ¯ ZIP ¯ T1A:X3_101115_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu (2017_07_19 12_04_05 UTC).iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw-pxe.ncf ¯ ZIP ¯ T1A:X3_101115_1_8_1_expROM_FW_uni_template_flash0.bin - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu (2017_07_19 12_04_05 UTC).iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw-pxe.ncf ¯ ZIP ¯ T1A:X3_101115_1_8_1_expROM_FW_uni_template_eeprom0.bin - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu (2017_07_19 12_04_05 UTC).iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw.ncf ¯ ZIP ¯ T1:X3_101025_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu (2017_07_19 12_04_05 UTC).iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw.ncf ¯ ZIP ¯ T1:X3_101025_1_8_1_expROM_FW_uni_template_flash0.bin - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu (2017_07_19 12_04_05 UTC).iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw.ncf ¯ ZIP ¯ T1:X3_101025_1_8_1_expROM_FW_uni_template_eeprom0.bin - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu (2017_07_19 12_04_05 UTC).iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw.ncf ¯ ZIP ¯ T1A:X3_101025_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu (2017_07_19 12_04_05 UTC).iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw.ncf ¯ ZIP ¯ T1A:X3_101025_1_8_1_expROM_FW_uni_template_flash0.bin - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Desktop\Cleanup apps\eset-sysrescue.1.0.9.0.enu (2017_07_19 12_04_05 UTC).iso ¯ ISO ¯ casper\initrd.lz ¯ GZIP ¯ initrd.lz ¯ CPIO ¯ lib/firmware/vxge/X3fw.ncf ¯ ZIP ¯ T1A:X3_101025_1_8_1_expROM_FW_uni_template_eeprom0.bin - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Desktop\DVR-H9116uvdh (2017_07_19 12_04_05 UTC).zip ¯ ZIP ¯ H9116uvdh/Video_Client_ZMODO_ENG_V1.1.3_20110817_854.exe ¯ ADVANCEDINSTALLER - archive damaged

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Desktop\MicrosoftInstaller (2017_07_19 12_04_05 UTC).exe ¯ CAB ¯ officesuitewwsp1-x-none.msp - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Downloads\cbSetup (2017_07_24 12_21_09 UTC).exe ¯ ZIP ¯ cbDecompressor.exe - is OK

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Downloads\cbSetup (2017_07_24 12_21_09 UTC).exe ¯ ZIP ¯ cbEngine.dll - is OK

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Downloads\Drag and Drop Backup-2.1.33-prod (2017_07_19 12_04_05 UTC).msi ¯ MSI ¯ _5A8F4492F0A005EE4C470B8FA9B98D08 ¯ CAB ¯ _17C8C8385D0B8761CA35A22B90A0A0F1.5C7D6400ACF34A958BC9D1EDA2376E81 ¯ CRYPTOOBFUSCATOR - unpack error

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Downloads\Drag and Drop Backup-2.1.33-prod (2017_07_19 12_04_05 UTC).msi ¯ MSI ¯ _5A8F4492F0A005EE4C470B8FA9B98D08 ¯ CAB ¯ _BACA9259EBDC6C3F6602410B1137C4DF.5C7D6400ACF34A958BC9D1EDA2376E81 ¯ CRYPTOOBFUSCATOR - unpack error

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Downloads\ta16az1040 (2017_07_19 12_04_05 UTC).exe ¯ INDIGOROSE - error reading archive

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Downloads\ta16stplus (2017_07_19 12_04_05 UTC).exe ¯ INDIGOROSE - error reading archive

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Downloads\Training Doc.zip.nrdzk20 (2017_07_19 12_04_05 UTC).partial ¯ ZIP ¯ DSCF0041.AVI - error reading archive

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Dropbox\Allen-Shared\CosmicJump_163671_DPMA_GUI_536 (2017_07_19 12_04_05 UTC).msi ¯ MSI ¯ Binary.RMMSetup.exe ¯ INDIGOROSE - error reading archive

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\AIRWORX 2\Dropbox\Cosmic Jump (1)\RMM-Scanning-Tool (2017_07_19 12_04_05 UTC).exe ¯ INDIGOROSE - error reading archive

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunes Library.itlp/DBTemp/.status-com.apple.itdprep.command.runPostProcessing - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios5.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios6.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-shm - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb-wal - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb-shm - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios7.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesCDB - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/iTunesPrefs.plist - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/MediaLibrary.sqlitedb - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/PlayCounts.plist.cig - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/UbiquitousMetadata.sqlitedb - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Library\iTunes_Control_ios8.zip ¯ ZIP ¯ iTunes_Control/iTunes/VoiceMemos.plist - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Skin\Default.skin ¯ ZIP ¯ Default/AboutForm.xml - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {app}\Languages\Languages.dat ¯ ZIP ¯ Chinese.dat - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ amd64/lgandbus.sys - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandbus.sys - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgandnetbus.sys - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/lgusbbus.sys - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/massfilter_hs.sys - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/motccgpfl.sys - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/shu0whnt.sys - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssadwhnt.sys - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/ssaewhnt.sys - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/WdfCoInstaller01009.dll - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ i386/winusbcoinstaller2.dll - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.cat - error - password-protected file

E:\FileHistory\AIRWORX 2\AIRWORX2-PC\Data\C\Users\Public\Documents\Wondershare\mobilego_full818 (2017_07_19 12_04_05 UTC).exe ¯ INNO ¯ {userappdata}\Wondershare\MobileGo\Drivers\driver_androidusb.zip ¯ ZIP ¯ massfilter_hs.inf - error - password-protected file

E:\Program Files\Cosmi\Print Perfect Photo Editor\AutoUpdate\AutoUpdate.exe ¯ SZDD ¯ AutoUpdate.exe - unpack error

E:\Program Files\gsusp_021312_232320.zip ¯ ZIP ¯ Logs\Files.xml - error - password-protected file

E:\Program Files\gsusp_021312_232320.zip ¯ ZIP ¯ Logs\Files.xsl - error - password-protected file

E:\Program Files\gsusp_021312_232320.zip ¯ ZIP ¯ Logs\McAfee-Product.txt - error - password-protected file

E:\Program Files\gsusp_021312_232320.zip ¯ ZIP ¯ Logs\Network.xml - error - password-protected file

E:\Program Files\gsusp_021312_232320.zip ¯ ZIP ¯ Logs\Network.xsl - error - password-protected file

E:\Program Files\gsusp_021312_232320.zip ¯ ZIP ¯ GetSusp.xml - error - password-protected file

E:\Program Files\gsusp_021312_232320.zip ¯ ZIP ¯ Logs\GetSusp.xsl - error - password-protected file

E:\Program Files\gsusp_021312_232320.zip ¯ ZIP ¯ Logs\GetSusp.log - error - password-protected file

E:\Program Files\internet explorer\Temporary Internet Files\Content.IE5\W7C9AG3U\setupdemoBV3[1].exe ¯ INNO ¯ - archive damaged

E:\Program Files\Microsoft\Windows Live Mail\Msn (Realto a39\Deleted items\408F4297-00002503.eml ¯ MIME ¯ part001.htm - archive damaged - the file could not be extracted.

E:\Program Files\Microsoft\Windows Live Mail\Msn (Realto a39\Inbox\0C611D62-00001CA3.eml ¯ MIME ¯ part001.htm - archive damaged - the file could not be extracted.

E:\Program Files\Microsoft\Windows Live Mail\Msn (Realto a39\Inbox\13BB7B6D-00002D47.eml ¯ MIME ¯ part001.htm - archive damaged - the file could not be extracted.

E:\Program Files\Microsoft\Windows Live Mail\Msn (Realto a39\Inbox\215F737F-00002E25.eml ¯ MIME ¯ part001.htm - archive damaged - the file could not be extracted.

E:\Program Files\Microsoft\Windows Live Mail\Msn (Realto a39\Inbox\27D25AFA-00002B2D.eml ¯ MIME ¯ part001.htm - archive damaged - the file could not be extracted.

E:\Program Files\Microsoft\Windows Live Mail\Msn (Realto a39\Inbox\482E1212-00003387.eml ¯ MIME ¯ part001.htm - archive damaged - the file could not be extracted.

E:\Program Files\Microsoft\Windows Live Mail\Msn (Realto a39\Inbox\5A6E7694-000028E5.eml ¯ MIME ¯ part001.htm - archive damaged - the file could not be extracted.

E:\Program Files\Microsoft\Windows Live Mail\Msn (Realto a39\Inbox\740A0C8E-00001CAD.eml ¯ MIME ¯ part001.htm - archive damaged - the file could not be extracted.

E:\Program Files\Microsoft\Windows Live Mail\Storage Folders\Recovered items\08-21-2011 2fc\59654F58-00000013.eml ¯ MIME ¯ part001.htm - archive damaged - the file could not be extracted.

E:\Program Files\Microsoft\Windows Live Mail\Storage Folders\Recovered items\11-09-2011 e42\373A7C99-00000273.eml ¯ MIME ¯ 62 ¯ ZIP ¯ 62901.exe - archive damaged - the file could not be extracted.

E:\Program Files\Microsoft\Windows Live Mail\Storage Folders\Recovered items\11-09-2011 e42\60A942BE-00000123.eml ¯ MIME ¯ part001.htm - archive damaged - the file could not be extracted.

E:\Program Files\OOo_2.4.1_Win32Intel_install_wJRE_en-US.exe ¯ NSIS ¯ openoffice.org-pyuno.cab ¯ CAB ¯ testtar.tar ¯ TAR ¯ - archive damaged

E:\Program Files\roxiomydvd10sp1\roxiomydvd10sp1.exe ¯ INDIGOROSE - archive damaged

E:\sms.txt ¯ MIME ¯ part000.txt ¯ MIME ¯ part000.txt ¯ MIME ¯ part000.txt ¯ MIME ¯ part000.txt ¯ MIME ¯ part000.txt ¯ MIME ¯ part000.txt ¯ MIME ¯ part000.txt ¯ MIME ¯ part000.txt ¯ MIME ¯ part000.txt ¯ MIME ¯ part000.txt ¯ MIME - too many archives embedded

E:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]

E:\System Volume Information\{6b0785b6-babf-11e1-aaa7-9cb70d9b5d3e}{3808876b-c176-4e48-b7ae-04046e6cc752} - error opening [4]

Boot sector of disk F: - error opening [4]

Number of scanned objects: 6149987

Number of threats found: 42

Number of cleaned objects: 42

Time of completion: 9:23:04 AM Total scanning time: 21016 sec (05:50:16)

Notes:

[1] Object has been deleted as it only contained the virus body.

[4] Object cannot be opened. It may be in use by another application or operating system.

#68
BrandiCopas

Posted 01 August 2017 - 09:42 AM

Member

Topic Starter
Member
79 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2017

Ran by AIRWORX 2 (administrator) on AIRWORX2-PC (01-08-2017 06:19:48)

Running from C:\Users\AIRWORX 2\Desktop

Loaded Profiles: AIRWORX 2 (Available Profiles: AIRWORX 2 & Administrator)

Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe

() C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe

(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(ESET) C:\Program Files\ESET\ESET Security\egui.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Corporation) C:\Windows\System32\CastSrv.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe

(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe

(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard )

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)

HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [18248 2013-05-14] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-07-12] (Dropbox, Inc.)

HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)

HKLM\...\Policies\Explorer: [0] 0

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\Run: [Kaspersky Software Updater] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565000 2016-11-26] (AO Kaspersky Lab)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{fa3ce8d6-7afe-4ad0-a04f-b501407fe7a5}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK13/1

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1

SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKU\S-1-5-21-2671885098-678752524-1400920573-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-2671885098-678752524-1400920573-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)

BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDFViewer\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-24] (Oracle Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-24] (Oracle Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)

Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)

Toolbar: HKU\S-1-5-21-2671885098-678752524-1400920573-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1499697116239

DPF: HKLM-x32 {D66F9BB1-7D8E-4A96-9166-20FCC91CBFE9} hxxp://99.7.214.118/FDSH_DVR.CAB

DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com//activex/ractrl.cab?lmi=3379

FireFox:

========

FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-24] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-24] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)

FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDFViewer\bin\nppdf.dll [2011-07-15] (Zeon Corporation)

FF Plugin HKU\S-1-5-21-2671885098-678752524-1400920573-1001: @citrixonline.com/appdetectorplugin -> C:\Users\AIRWORX 2\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-04-02] (Citrix Online)

Chrome:

=======

CHR DefaultProfile: Profile 10

CHR HomePage: Profile 10 -> hxxp://google.com/

CHR Profile: C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-07-28]

CHR Profile: C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 10 [2017-08-01]

CHR Extension: (Google Slides) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-28]

CHR Extension: (Google Docs) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-28]

CHR Extension: (Google Drive) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-28]

CHR Extension: (YouTube) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-28]

CHR Extension: (Google Sheets) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-28]

CHR Extension: (Google Docs Offline) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-28]

CHR Extension: (Chrome Web Store Payments) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-28]

CHR Extension: (Gmail) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-28]

CHR Extension: (Chrome Media Router) - C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-28]

CHR Profile: C:\Users\AIRWORX 2\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor4.0; C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [102400 2005-09-09] () [File not signed]

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]

R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-24] (Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-24] (Dropbox, Inc.)

R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-07-12] (Dropbox, Inc.)

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2625368 2017-07-26] (ESET)

R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321896 2017-07-06] (HP Inc.)

R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)

R3 ksu; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565000 2016-11-26] (AO Kaspersky Lab)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)

S2 MySQL; C:\Program Files (x86)\MySQL\MySQL Server 5.0\my.ini [8958 2017-07-19] () [File not signed]

R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77640 2013-05-14] (Nuance Communications, Inc.)

R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [File not signed]

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)

R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132848 2017-07-26] (ESET)

R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107344 2017-03-09] (ESET)

S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14880 2017-03-09] (ESET)

R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [178056 2017-03-09] (ESET)

S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50752 2017-03-09] (ESET)

R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78192 2017-03-09] (ESET)

R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [101648 2017-03-09] (ESET)

S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [181160 2017-07-27] (ESET)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()

R1 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-31] (Malwarebytes)

R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-08-01] (Malwarebytes)

R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-01] (Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-01] (Malwarebytes)

R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-08-01] (Malwarebytes)

R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2015-01-08] (CACE Technologies, Inc.)

R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2016-10-27] (Realsil Semiconductor Corporation)

S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()

U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-08-01] ()

R0 vidsflt53; C:\WINDOWS\System32\DRIVERS\vsflt53.sys [141920 2016-03-03] (Acronis)

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-01 06:18 - 2017-08-01 06:18 - 000000000 ____D C:\Users\AIRWORX 2\Desktop\FRST-OlderVersion

2017-08-01 05:58 - 2017-08-01 05:58 - 000000000 ____D C:\WINDOWS\Panther

2017-07-31 15:33 - 2017-07-31 15:33 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Local\NetworkTiles

2017-07-31 15:25 - 2017-07-31 15:25 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Local\MicrosoftEdge

2017-07-31 13:36 - 2017-07-31 13:36 - 006754944 _____ (ESET spol. s r.o.) C:\Users\AIRWORX 2\Downloads\esetonlinescanner_enu (1).exe

2017-07-31 13:29 - 2017-07-31 13:29 - 000511683 _____ C:\Users\AIRWORX 2\Desktop\find files.txt

2017-07-28 08:44 - 2017-07-28 08:44 - 000000000 _____ C:\WINDOWS\system32\set

2017-07-28 07:54 - 2017-07-28 07:54 - 000003032 _____ C:\Users\AIRWORX 2\Documents\kasp report.txt

2017-07-28 06:15 - 2017-07-28 06:15 - 000576231 _____ C:\Users\AIRWORX 2\Downloads\DTec13656.pdf

2017-07-28 06:06 - 2017-07-28 06:06 - 000075669 _____ C:\Users\AIRWORX 2\Downloads\COSMIC JUMP (4).pdf

2017-07-28 06:01 - 2017-07-28 06:01 - 000053739 _____ C:\Users\AIRWORX 2\Downloads\HS-2.8.17 #2888 CJump KCity Jan Inv&Rep SH (1).pdf

2017-07-28 05:54 - 2017-07-28 05:54 - 000151083 _____ C:\Users\AIRWORX 2\Downloads\COSMIC JUMP - Inv.pdf

2017-07-28 05:39 - 2017-07-28 06:17 - 000002182 _____ C:\Users\AIRWORX 2\Downloads\data (35).csv

2017-07-28 05:17 - 2017-07-28 05:17 - 000002299 _____ C:\Users\AIRWORX 2\Desktop\Google Chrome.lnk

2017-07-28 03:35 - 2017-07-28 03:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate

2017-07-27 07:33 - 2017-07-27 07:33 - 008162248 _____ (Malwarebytes) C:\Users\AIRWORX 2\Downloads\AdwCleaner.exe

2017-07-27 07:33 - 2017-07-27 07:33 - 001790024 _____ (Malwarebytes) C:\Users\AIRWORX 2\Downloads\JRT.exe

2017-07-27 07:31 - 2017-08-01 05:57 - 000100055 _____ C:\Users\AIRWORX 2\Desktop\copy and paste stuff.txt

2017-07-27 06:25 - 2017-07-27 06:25 - 000995572 _____ C:\Users\AIRWORX 2\Desktop\rel.XML

2017-07-27 06:02 - 2017-07-27 06:02 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Local\.IdentityService

2017-07-27 04:08 - 2017-07-27 04:08 - 000183220 _____ C:\Users\AIRWORX 2\Downloads\Appsdiagnostic10.diagcab

2017-07-27 03:23 - 2017-07-27 03:23 - 000011327 _____ C:\Users\AIRWORX 2\Desktop\eset threat findings.txt

2017-07-26 12:22 - 2017-07-26 12:22 - 000004857 _____ C:\Users\AIRWORX 2\Desktop\msrt results no infected files.txt

2017-07-26 11:56 - 2017-07-26 11:56 - 140634896 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\Downloads\msert (4).exe

2017-07-26 11:13 - 2017-07-26 11:13 - 000000105 _____ C:\Users\AIRWORX 2\Downloads\418361750929.json

2017-07-26 10:47 - 2017-07-26 10:47 - 129732880 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\Downloads\mpam-fe (3).exe

2017-07-26 10:45 - 2017-07-26 10:46 - 129732880 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\Downloads\mpam-fe (2).exe

2017-07-26 10:45 - 2017-07-26 10:45 - 129732880 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\Downloads\mpam-fe (1).exe

2017-07-26 10:38 - 2017-07-26 10:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017

2017-07-26 10:25 - 2017-07-28 02:15 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\Visual Studio Setup

2017-07-26 10:25 - 2017-07-26 10:25 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\vstelemetry

2017-07-26 10:25 - 2017-07-26 10:25 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Local\ServiceHub

2017-07-26 10:24 - 2017-07-28 02:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio

2017-07-26 09:01 - 2017-07-26 09:01 - 000000000 ____D C:\DGLogs

2017-07-26 09:00 - 2017-07-26 09:00 - 000000000 ____D C:\Users\AIRWORX 2\Downloads\DG_CG_hardware_readiness_tool_v3.2

2017-07-26 08:59 - 2017-05-04 12:11 - 000075680 _____ C:\Users\AIRWORX 2\Downloads\DG_Readiness_Tool_v3.2.ps1

2017-07-26 08:58 - 2017-07-26 08:58 - 000031743 _____ C:\Users\AIRWORX 2\Downloads\DG_CG_hardware_readiness_tool_v3.2.zip

2017-07-26 08:44 - 2017-07-26 08:44 - 140606736 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\Desktop\msert.exe

2017-07-26 07:41 - 2017-07-26 07:42 - 000901670 _____ C:\Users\AIRWORX 2\Desktop\reliability history 7-26-2017.XML

2017-07-26 07:34 - 2017-07-26 07:34 - 044003024 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\Downloads\Windows-KB890830-x64-V5.50.exe

2017-07-26 07:16 - 2017-07-26 07:17 - 001771288 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\Downloads\nis_full.exe

2017-07-26 07:12 - 2017-07-26 07:12 - 000002259 _____ C:\WINDOWS\epplauncher.mif

2017-07-26 07:11 - 2017-07-26 07:17 - 129705744 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\Downloads\mpam-fe.exe

2017-07-26 03:19 - 2017-07-26 03:19 - 000195346 _____ C:\Users\AIRWORX 2\Desktop\wu170509.diagcab

2017-07-26 02:59 - 2017-07-26 02:59 - 000022932 _____ C:\Users\AIRWORX 2\Desktop\allowed outbound firewall rules.txt

2017-07-26 02:58 - 2017-07-26 02:58 - 000033651 _____ C:\Users\AIRWORX 2\Desktop\allowed inbound firewall settings.txt

2017-07-25 15:23 - 2017-07-25 15:23 - 000162545 _____ C:\Users\AIRWORX 2\Documents\My Vendor List 8-15-12.xlsx

2017-07-25 07:46 - 2017-07-25 07:46 - 000000000 ____D C:\Users\AIRWORX 2\Desktop\Encrypted documents

2017-07-25 07:46 - 2017-07-25 07:46 - 000000000 ____D C:\Users\AIRWORX 2\Desktop\Documents_1

2017-07-25 05:46 - 2017-07-25 05:46 - 000068611 _____ C:\Users\AIRWORX 2\Downloads\f.txt

2017-07-25 04:56 - 2017-07-25 04:56 - 005780817 _____ C:\Users\AIRWORX 2\Downloads\17351442_117133718779563_5086019384804114432_n.bin

2017-07-24 18:39 - 2017-07-24 18:25 - 3007731185 ____N C:\Users\AIRWORX 2\Desktop\LGBackup_170724.lbf

2017-07-24 11:31 - 2017-07-24 11:31 - 000843873 _____ C:\Users\AIRWORX 2\Downloads\TS103488179.potx

2017-07-24 11:29 - 2017-07-24 11:29 - 000004318 _____ C:\Users\AIRWORX 2\Downloads\MC900054580.WMF

2017-07-24 11:07 - 2017-07-24 11:07 - 000000000 ____D C:\Program Files (x86)\Seagate

2017-07-24 09:54 - 2017-07-24 09:54 - 000000000 ____D C:\WINDOWS\system32\SRSLabs

2017-07-24 09:54 - 2017-07-24 09:54 - 000000000 ____D C:\Program Files\IDT

2017-07-24 09:54 - 2013-11-20 10:43 - 006101504 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll

2017-07-24 09:54 - 2013-11-20 10:43 - 001897984 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl

2017-07-24 09:54 - 2013-11-20 10:43 - 001703424 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe

2017-07-24 09:54 - 2013-11-20 10:43 - 000464384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slapoi64.dll

2017-07-24 09:54 - 2013-11-20 10:43 - 000030389 _____ C:\WINDOWS\system32\DTS_TOWER.XML

2017-07-24 09:48 - 2017-07-31 05:16 - 000000000 ____D C:\WINDOWS\Minidump

2017-07-24 09:42 - 2017-07-24 09:42 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\FBA95002-17BB-4264-B1E2-EE748AD9FCC7

2017-07-24 09:42 - 2017-07-24 09:42 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\BE7A0D4F-259E-4ACF-95D4-65A4A82C6258

2017-07-24 09:33 - 2017-07-24 09:33 - 000479815 _____ C:\Users\AIRWORX 2\Documents\eStmt_2016-06-30.pdf

2017-07-24 09:33 - 2017-07-24 09:33 - 000477980 _____ C:\Users\AIRWORX 2\Documents\eStmt_2016-09-30.pdf

2017-07-24 09:33 - 2017-07-24 09:33 - 000469343 _____ C:\Users\AIRWORX 2\Documents\eStmt_2016-08-31.pdf

2017-07-24 09:33 - 2017-07-24 09:33 - 000453034 _____ C:\Users\AIRWORX 2\Documents\eStmt_2016-10-31.pdf

2017-07-24 08:36 - 2017-07-24 08:36 - 000206704 _____ C:\Users\AIRWORX 2\Documents\FTIBank of America _ Online Banking _ Accounts _ Account Details _ Account Activity.pdf

2017-07-24 08:29 - 2017-07-24 08:29 - 000453034 _____ C:\Users\AIRWORX 2\Downloads\eStmt_2016-10-31.pdf

2017-07-24 08:28 - 2017-07-24 08:28 - 000477980 _____ C:\Users\AIRWORX 2\Downloads\eStmt_2016-09-30.pdf

2017-07-24 08:27 - 2017-07-24 08:27 - 000479815 _____ C:\Users\AIRWORX 2\Downloads\eStmt_2016-06-30.pdf

2017-07-24 08:25 - 2017-07-24 08:25 - 000469343 _____ C:\Users\AIRWORX 2\Downloads\eStmt_2016-08-31.pdf

2017-07-24 08:18 - 2017-07-24 08:18 - 003286340 _____ C:\Users\AIRWORX 2\Downloads\DOC071317-002.pdf

2017-07-24 06:56 - 2017-07-24 14:50 - 000002073 _____ C:\Users\AIRWORX 2\Desktop\my post.txt

2017-07-24 05:55 - 2017-07-24 05:55 - 000000000 _____ C:\Users\AIRWORX 2\defogger_reenable

2017-07-24 05:54 - 2017-07-24 05:54 - 000050477 _____ C:\Users\AIRWORX 2\Downloads\Defogger.exe

2017-07-24 05:30 - 2017-07-24 05:30 - 002001544 _____ C:\Users\AIRWORX 2\Downloads\pc-decrapifier-3.0.1.exe

2017-07-24 05:12 - 2017-07-24 05:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11

2017-07-24 05:12 - 2017-07-24 05:12 - 000000000 ____D C:\Program Files (x86)\Cobian Backup 11

2017-07-24 05:10 - 2017-07-24 05:10 - 019709440 ____N (Luis Cobian, CobianSoft) C:\Users\AIRWORX 2\Downloads\cbSetup.exe

2017-07-24 05:04 - 2017-07-25 16:02 - 000070366 _____ C:\Users\AIRWORX 2\Desktop\Addition.txt

2017-07-24 05:01 - 2017-08-01 06:21 - 000016588 _____ C:\Users\AIRWORX 2\Desktop\FRST.txt

2017-07-24 05:01 - 2017-08-01 06:19 - 000000000 ____D C:\FRST

2017-07-24 04:51 - 2017-08-01 06:18 - 002381312 _____ (Farbar) C:\Users\AIRWORX 2\Desktop\FRST64.exe

2017-07-24 04:15 - 2017-07-24 04:15 - 000059467 ____N C:\Users\AIRWORX 2\Downloads\HS-5.8.17 #3104 CJump Allen April Inv&Rep SH (1).pdf

2017-07-24 04:12 - 2017-07-24 04:12 - 000071158 ____N C:\Users\AIRWORX 2\Downloads\07.11.17 Olathe-Holmes III LLC.pdf

2017-07-24 04:10 - 2017-07-24 04:10 - 000196464 ____N C:\Users\AIRWORX 2\Downloads\07.01.17 Olathe-AT&T.pdf

2017-07-24 04:09 - 2017-07-24 04:09 - 000480772 ____N C:\Users\AIRWORX 2\Downloads\07.17 Olathe-BOA Stmt.pdf

2017-07-24 04:08 - 2017-07-24 04:08 - 000072792 ____N C:\Users\AIRWORX 2\Downloads\06.30.17 Houston-CocaCola.pdf

2017-07-24 04:07 - 2017-07-24 04:07 - 000073576 ____N C:\Users\AIRWORX 2\Downloads\06.30.17 Dallas II-CocaCola.pdf

2017-07-24 04:01 - 2017-07-24 04:01 - 000044143 ____N C:\Users\AIRWORX 2\Downloads\Texas Notice of Tax-Fee Due.pdf

2017-07-24 03:48 - 2017-07-24 03:48 - 000257899 ____N C:\Users\AIRWORX 2\Downloads\1718abcdecalendar.pdf

2017-07-24 03:47 - 2017-07-24 03:47 - 001494216 ____N C:\Users\AIRWORX 2\Downloads\1718districtcalendar071917.pdf

2017-07-22 07:08 - 2017-05-19 23:02 - 001035264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebManagement.exe

2017-07-21 22:38 - 2017-07-21 22:38 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal

2017-07-21 22:38 - 2017-07-21 22:38 - 000000000 ___RD C:\WINDOWS\WebManagement

2017-07-21 22:38 - 2017-03-18 08:48 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationREST.dll

2017-07-21 22:38 - 2017-03-17 22:00 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvcapi.dll

2017-07-21 22:38 - 2017-03-17 22:00 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperTools.ProxyStub.dll

2017-07-21 22:38 - 2017-03-17 21:59 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevToolsLauncher.exe

2017-07-21 22:38 - 2017-03-17 21:59 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeployUtil.exe

2017-07-21 22:38 - 2017-03-17 21:58 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvc.dll

2017-07-21 22:38 - 2017-03-17 21:57 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshProxy.dll

2017-07-21 22:38 - 2017-03-17 21:56 - 000780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdp.dll

2017-07-21 22:38 - 2017-03-17 21:56 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSession.exe

2017-07-21 22:38 - 2017-03-17 21:56 - 000436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSftp.exe

2017-07-21 22:38 - 2017-03-17 21:55 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperToolsSvc.exe

2017-07-21 22:38 - 2017-03-17 21:53 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshBroker.dll

2017-07-21 07:57 - 2017-07-21 07:57 - 001118208 ____N C:\Users\AIRWORX 2\Desktop\eventviewer.evtx

2017-07-21 07:54 - 2017-07-21 07:54 - 000626956 ____N C:\Users\AIRWORX 2\Desktop\sys info.txt

2017-07-21 05:16 - 2017-07-21 05:16 - 000003784 ____N C:\Users\AIRWORX 2\Downloads\fixlist.txt

2017-07-21 02:37 - 2017-07-21 02:37 - 000031963 ____N C:\Users\AIRWORX 2\Downloads\Backup_17-17-07 10-43AM (1).zip

2017-07-21 02:36 - 2017-07-21 02:36 - 000031963 ____N C:\Users\AIRWORX 2\Downloads\Backup_17-17-07 10-43AM.zip

2017-07-21 02:18 - 2017-07-21 02:18 - 000001516 ____N C:\Users\AIRWORX 2\Desktop\malware bytes quar.txt

2017-07-20 12:57 - 2017-07-20 12:57 - 000000000 ____D C:\WINDOWS\ERUNT

2017-07-20 12:56 - 2017-07-20 12:58 - 000000646 _____ C:\DelFix.txt

2017-07-20 12:30 - 2015-08-09 11:12 - 000043104 ____N (NirSoft) C:\Users\AIRWORX 2\Desktop\AppCrashView.exe

2017-07-20 12:30 - 2015-08-09 11:12 - 000015426 ____N C:\Users\AIRWORX 2\Desktop\AppCrashView.chm

2017-07-20 12:30 - 2015-08-09 11:12 - 000007123 ____N C:\Users\AIRWORX 2\Desktop\readme.txt

2017-07-20 12:29 - 2017-07-20 12:29 - 000047265 ____N C:\Users\AIRWORX 2\Desktop\appcrashview.zip

2017-07-20 08:56 - 2017-08-01 06:00 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2017-07-20 08:56 - 2017-08-01 05:59 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2017-07-20 08:56 - 2017-08-01 05:59 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2017-07-20 08:55 - 2017-07-20 08:55 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2017-07-20 08:55 - 2017-07-20 08:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2017-07-20 08:55 - 2017-07-20 08:55 - 000000000 ____D C:\Program Files\Malwarebytes

2017-07-20 08:55 - 2017-06-27 12:06 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

2017-07-20 08:54 - 2017-07-20 08:55 - 065033984 ____N (Malwarebytes ) C:\Users\AIRWORX 2\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe

2017-07-20 08:16 - 2017-07-20 08:16 - 135729424 ____N (Microsoft Corporation) C:\Users\AIRWORX 2\Downloads\msert (3).exe

2017-07-20 04:48 - 2017-07-20 04:48 - 001818624 ____N C:\Users\AIRWORX 2\Downloads\MBSASetup-x64-EN.msi

2017-07-19 08:41 - 2017-07-19 08:42 - 000066957 _____ C:\WINDOWS\system32\AIRWORX

2017-07-19 08:36 - 2017-07-19 08:40 - 000051333 ____N C:\Users\AIRWORX 2\Desktop\sfcdetails.txt

2017-07-19 07:56 - 2017-07-19 07:56 - 000342981 ____N C:\Users\AIRWORX 2\Downloads\PATIENT ACQUAINTENCE FORM 2017-signed.pdf

2017-07-19 07:13 - 2017-07-19 07:13 - 044003024 ____N (Microsoft Corporation) C:\Users\AIRWORX 2\Desktop\Windows-KB890830-x64-V5.50.exe

2017-07-19 06:58 - 2017-07-19 06:58 - 006361088 ____N C:\Users\AIRWORX 2\Desktop\windows security logs.evtx

2017-07-19 06:56 - 2017-07-19 06:56 - 001118208 ____N C:\Users\AIRWORX 2\Desktop\recent events.evtx

2017-07-19 06:56 - 2017-07-19 06:56 - 000000000 ____D C:\Users\AIRWORX 2\Desktop\LocaleMetaData

2017-07-19 05:13 - 2017-07-19 05:13 - 000335756 ____N C:\Users\AIRWORX 2\Desktop\reliability history.XML

2017-07-19 04:31 - 2017-07-19 04:31 - 000006054 ____N C:\Users\AIRWORX 2\Desktop\Kas findings some not addressed.txt

2017-07-19 03:06 - 2017-07-19 03:06 - 000012672 ____N C:\Users\AIRWORX 2\Desktop\full scan kas.txt

2017-07-19 03:05 - 2017-07-19 03:05 - 000002066 ____N C:\Users\AIRWORX 2\Desktop\Vul scan.txt

2017-07-18 19:47 - 2017-07-18 19:47 - 000455756 ____N C:\Users\AIRWORX 2\Downloads\OFFICE POLICIES FOR PPWORK 2017 WITH LOGO-signed.pdf

2017-07-18 14:04 - 2017-07-19 07:59 - 000100526 ____N C:\Users\AIRWORX 2\Downloads\HIPAA Privacy Authorization Form.pdf

2017-07-18 14:04 - 2017-07-18 14:04 - 000377763 ____N C:\Users\AIRWORX 2\Downloads\OFFICE POLICIES FOR PPWORK 2017 WITH LOGO.pdf

2017-07-18 14:04 - 2017-07-18 14:04 - 000179165 ____N C:\Users\AIRWORX 2\Downloads\PATIENT ACQUAINTENCE FORM 2017.pdf

2017-07-18 13:40 - 2017-07-18 13:58 - 000000000 ____D C:\Users\AIRWORX 2\Desktop\kc

2017-07-18 13:16 - 2017-07-18 13:16 - 000002066 ____N C:\Users\AIRWORX 2\Desktop\ks items found.txt

2017-07-18 13:15 - 2017-07-18 13:15 - 000002066 ____N C:\Users\AIRWORX 2\Desktop\kas items found.txt

2017-07-18 13:05 - 2017-07-18 13:05 - 000631136 ____N C:\Users\AIRWORX 2\Downloads\CCF10112016 (2).pdf

2017-07-18 13:05 - 2017-07-18 13:05 - 000631136 ____N C:\Users\AIRWORX 2\Downloads\CCF10112016 (2) (1).pdf

2017-07-18 13:05 - 2017-07-18 13:05 - 000627784 ____N C:\Users\AIRWORX 2\Downloads\CCF10112016 (3).pdf

2017-07-18 13:05 - 2017-07-18 13:05 - 000413116 ____N C:\Users\AIRWORX 2\Downloads\CCF10112016 (1).pdf

2017-07-18 13:02 - 2017-07-18 13:02 - 000531500 ____N C:\Users\AIRWORX 2\Desktop\KC Receipts April 2016.pdf

2017-07-18 12:59 - 2017-07-18 12:59 - 000779604 ____N C:\Users\AIRWORX 2\Downloads\KC May 2016 Receipts.pdf

2017-07-18 12:59 - 2017-07-18 12:59 - 000779604 ____N C:\Users\AIRWORX 2\Desktop\KC May 2016 Receipts (1).pdf

2017-07-18 12:56 - 2017-07-18 12:56 - 000888660 ____N C:\Users\AIRWORX 2\Desktop\KC Receipts June 2016.pdf

2017-07-18 12:54 - 2017-07-18 12:54 - 000218291 ____N C:\Users\AIRWORX 2\Downloads\KC Reports 8.1.pdf

2017-07-18 12:51 - 2017-07-18 12:51 - 001149113 ____N C:\Users\AIRWORX 2\Desktop\KC Receipts July 2016.pdf

2017-07-18 12:49 - 2017-07-18 12:49 - 000234159 ____N C:\Users\AIRWORX 2\Downloads\CCI09012016.pdf

2017-07-18 12:48 - 2017-07-18 12:48 - 000458582 ____N C:\Users\AIRWORX 2\Downloads\9.7.16 (1).pdf

2017-07-18 12:46 - 2017-07-18 12:46 - 000005049 ____N C:\Users\AIRWORX 2\Downloads\Aged Receivables.pdf

2017-07-18 12:45 - 2017-07-18 12:45 - 000413116 ____N C:\Users\AIRWORX 2\Downloads\CCF10112016.pdf

2017-07-18 12:41 - 2017-07-18 12:41 - 000197013 ____N C:\Users\AIRWORX 2\Downloads\CCF01102017 (1).pdf

2017-07-18 12:38 - 2017-07-18 12:38 - 000023765 ____N C:\Users\AIRWORX 2\Downloads\KC Tramp Specs.pdf

2017-07-18 12:34 - 2017-07-18 12:34 - 000195196 ____N C:\Users\AIRWORX 2\Downloads\07-15-17.pdf

2017-07-18 12:31 - 2017-07-18 12:31 - 000384839 ____N C:\Users\AIRWORX 2\Downloads\CCF06172017_0001.pdf

2017-07-18 12:30 - 2017-07-18 12:30 - 000374743 ____N C:\Users\AIRWORX 2\Downloads\CCF07092017 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 000101084 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700104306)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 000098532 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700058437)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 000096973 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700180809)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 000095005 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700030432)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 000092177 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700012338)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 000088715 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700081692)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:24 - 2017-07-18 12:24 - 000085982 ____N C:\Users\AIRWORX 2\Downloads\OTC---Z01---Customer-Invoice-(9700224605)-for-Customer-ID-600932145 (1).pdf

2017-07-18 12:23 - 2017-07-18 12:23 - 000433166 ____N C:\Users\AIRWORX 2\Downloads\CUSTSTMT.PDF

2017-07-18 12:22 - 2017-07-18 12:22 - 000604455 ____N C:\Users\AIRWORX 2\Downloads\20161221131018092.pdf

2017-07-18 12:21 - 2017-07-18 12:21 - 000174841 ____N C:\Users\AIRWORX 2\Downloads\20161221131237330 (1).pdf

2017-07-18 12:11 - 2017-07-18 12:11 - 000084006 ____N C:\Users\AIRWORX 2\Documents\https___email02.godaddy.com_view_print_multi.pdf

2017-07-18 11:24 - 2017-07-18 11:24 - 001143460 ____N C:\Users\AIRWORX 2\Downloads\Coke contract Houston.pdf

2017-07-18 11:24 - 2017-07-18 11:24 - 000176568 ____N C:\Users\AIRWORX 2\Downloads\Airowx Cosmic Jump Contract signed by Maura-signed.pdf

2017-07-18 11:04 - 2017-07-18 11:04 - 000384804 ____N C:\Users\AIRWORX 2\Downloads\img034 (1).pdf

2017-07-18 11:02 - 2017-07-18 11:02 - 000147945 ____N C:\Users\AIRWORX 2\Downloads\Airworx Contract Coke (1).pdf

2017-07-18 11:00 - 2017-07-18 11:00 - 000151856 ____N C:\Users\AIRWORX 2\Downloads\Airworx Contract Coke.pdf

2017-07-18 11:00 - 2017-07-18 11:00 - 000129543 ____N C:\Users\AIRWORX 2\Downloads\Airowx Cosmic Jump Contract signed by Maura.pdf

2017-07-18 10:57 - 2017-07-18 10:57 - 000384804 ____N C:\Users\AIRWORX 2\Downloads\img034.pdf

2017-07-18 10:39 - 2017-07-18 10:39 - 000194482 ____N C:\Users\AIRWORX 2\Documents\Bank of America _ Online Banking _ Accounts _ Account Details _ Account Activity1.pdf

2017-07-18 10:38 - 2017-07-18 10:38 - 000203708 ____N C:\Users\AIRWORX 2\Documents\Bank of America _ Online Banking _ Accounts _ Account Details _ Account Activity.pdf

2017-07-18 07:12 - 2017-07-18 07:12 - 000000000 ____D C:\ProgramData\Emsisoft

2017-07-18 07:08 - 2017-07-18 07:09 - 320730544 ____N C:\Users\AIRWORX 2\Downloads\EmsisoftEmergencyKit.exe

2017-07-18 06:18 - 2017-07-18 06:18 - 000037290 ____N C:\Users\AIRWORX 2\Downloads\redeppening (1).pdf

2017-07-18 06:13 - 2017-07-18 06:13 - 000469373 ____N C:\Users\AIRWORX 2\Downloads\Jason Le Incident.pdf

2017-07-18 06:12 - 2017-07-18 06:12 - 000197755 ____N C:\Users\AIRWORX 2\Downloads\6.4.2017.pdf

2017-07-18 06:04 - 2017-07-18 06:04 - 000350407 ____N C:\Users\AIRWORX 2\Downloads\Baur 4 national treasure.pdf

2017-07-18 06:02 - 2017-07-18 06:02 - 000374743 ____N C:\Users\AIRWORX 2\Downloads\CCF07092017.pdf

2017-07-18 05:54 - 2017-07-18 05:54 - 001004434 ____N C:\Users\AIRWORX 2\Downloads\CCF02012017.pdf

2017-07-18 05:43 - 2017-07-18 05:43 - 000000801 ____N C:\Users\AIRWORX 2\Downloads\Downloads - Shortcut.lnk

2017-07-18 04:35 - 2017-07-17 10:14 - 005542722 ____N C:\Users\AIRWORX 2\Downloads\SysInspector-AIRWORX2-PC-170717-072446.xml

2017-07-18 03:46 - 2017-07-18 03:46 - 000006522 ____N C:\Users\AIRWORX 2\Documents\case.txt

2017-07-17 10:26 - 2017-07-17 10:26 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS

2017-07-17 10:25 - 2017-07-17 10:25 - 002724512 ____N (Sysinternals - www.sysinternals.com) C:\Users\AIRWORX 2\Downloads\procexp.exe

2017-07-17 10:14 - 2017-07-17 10:14 - 000504650 _____ C:\Users\AIRWORX 2\SysInspector-AIRWORX2-PC-170717-072446.zip

2017-07-17 09:55 - 2017-07-17 09:55 - 000000000 _____ C:\WINDOWS\system32\wmic

2017-07-17 09:22 - 2017-07-17 09:22 - 141475088 ____N (Microsoft Corporation) C:\Users\AIRWORX 2\Downloads\msert (2).exe

2017-07-17 09:21 - 2017-07-17 09:21 - 007340032 ____N C:\Users\AIRWORX 2\Downloads\msert (1).exe

2017-07-17 09:14 - 2017-07-17 09:14 - 001048576 ____N C:\Users\AIRWORX 2\Downloads\msert.exe

2017-07-17 07:40 - 2017-07-17 07:40 - 006754944 ____N (ESET spol. s r.o.) C:\Users\AIRWORX 2\Downloads\esetonlinescanner_enu.exe

2017-07-17 07:11 - 2017-07-17 07:11 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Local\DBG

2017-07-17 03:31 - 2017-07-24 04:50 - 000000000 ____D C:\Users\AIRWORX 2\Desktop\Cleanup apps

2017-07-14 11:00 - 2017-07-14 11:00 - 000000000 ____D C:\Users\Public\Documents\MDMDiagnostics

2017-07-14 10:40 - 2017-07-14 10:40 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-2671885098-678752524-1400920573-1001

2017-07-14 09:14 - 2017-07-14 09:14 - 000000000 ____D C:\WINDOWS\PCHEALTH

2017-07-14 06:50 - 2017-07-14 06:50 - 000000020 ___SH C:\Users\AIRWORX 2\ntuser.ini

2017-07-14 06:30 - 2017-07-14 06:30 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 020504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 019335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 017364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 013839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 011870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 008331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 008318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 008238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 007904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 007336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 007325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 006759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 006554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 006287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 005961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 005806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 005719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 004730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 004536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 004447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 003204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 002938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2017-07-14 06:30 - 2017-07-14 06:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2017-07-14 06:30 - 2017-07-14 06:30 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2017-07-14 06:30 - 2017-07-14 06:30 - 001357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2017-07-14 06:30 - 2017-07-14 06:30 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 001017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2017-07-14 06:30 - 2017-07-14 06:30 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi

2017-07-14 06:30 - 2017-07-14 06:30 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl

2017-07-14 06:30 - 2017-07-14 06:30 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl

2017-07-14 06:30 - 2017-07-14 06:30 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr

2017-07-14 06:30 - 2017-07-14 06:30 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2017-07-14 06:30 - 2017-07-14 06:30 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2017-07-14 06:30 - 2017-07-14 06:30 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr

2017-07-14 06:30 - 2017-07-14 06:30 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv

2017-07-14 06:30 - 2017-07-14 06:30 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv

2017-07-14 06:30 - 2017-07-14 06:30 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2017-07-14 06:30 - 2017-07-14 06:30 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys

2017-07-14 06:30 - 2017-07-14 06:30 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin

2017-07-14 06:30 - 2017-07-14 06:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll

2017-07-14 06:30 - 2017-07-14 06:30 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 006726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 006535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 004709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 004672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 003135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 002625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 002604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 002424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 002347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 002341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 002088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 002085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 001003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE

2017-07-14 06:22 - 2017-07-14 06:22 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv

2017-07-14 06:22 - 2017-07-14 06:22 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2017-07-14 06:22 - 2017-07-14 06:22 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2017-07-14 06:22 - 2017-07-14 06:22 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2017-07-14 06:22 - 2017-07-14 06:22 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe

2017-07-14 06:22 - 2017-07-14 06:22 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys

2017-07-14 06:22 - 2017-07-14 06:22 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll

2017-07-14 06:22 - 2017-07-14 06:22 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

2017-07-14 06:20 - 2017-07-14 06:23 - 000015243 _____ C:\WINDOWS\diagwrn.xml

2017-07-14 06:20 - 2017-07-14 06:23 - 000015243 _____ C:\WINDOWS\diagerr.xml

2017-07-14 06:17 - 2017-07-20 04:56 - 000000000 ____D C:\WINDOWS\ServiceProfiles

2017-07-14 06:17 - 2017-07-14 06:17 - 000008192 _____ C:\WINDOWS\system32\config\userdiff

2017-07-14 06:14 - 2017-07-28 02:14 - 000000000 ____D C:\Program Files (x86)\MSBuild

2017-07-14 06:14 - 2017-07-14 06:14 - 000000000 ____D C:\Program Files\Reference Assemblies

2017-07-14 06:14 - 2017-07-14 06:14 - 000000000 ____D C:\Program Files\MSBuild

2017-07-14 06:14 - 2017-07-14 06:14 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies

2017-07-14 06:14 - 2017-07-14 06:14 - 000000000 ____D C:\inetpub

2017-07-14 06:13 - 2017-07-14 06:13 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2017-07-14 06:13 - 2017-02-10 12:26 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2017-07-14 06:13 - 2017-02-10 12:26 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2017-07-14 06:13 - 2017-02-10 12:26 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2017-07-14 06:13 - 2017-02-10 12:21 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2017-07-14 06:13 - 2017-02-10 12:21 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2017-07-14 06:13 - 2017-02-10 12:21 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2017-07-14 06:12 - 2017-08-01 05:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-07-14 06:12 - 2017-07-31 12:15 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DBB8FF06-B999-4A95-A7CE-15C213181723}

2017-07-14 06:12 - 2017-07-15 06:57 - 000003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2

2017-07-14 06:12 - 2017-07-14 06:12 - 000002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2671885098-678752524-1400920573-1001

2017-07-14 06:12 - 2017-07-14 06:12 - 000002134 _____ C:\WINDOWS\System32\Tasks\RGP Backup

2017-07-14 06:12 - 2017-07-14 06:12 - 000002118 _____ C:\WINDOWS\System32\Tasks\{39393239-4118-43A9-9EF4-579F68CFC882}

2017-07-14 06:12 - 2017-07-14 06:12 - 000001984 _____ C:\WINDOWS\System32\Tasks\{32B26120-173E-4516-BA92-CE080FB3608E}

2017-07-14 06:12 - 2017-07-14 06:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform

2017-07-14 06:11 - 2017-07-26 16:13 - 000003280 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForAIRWORX 2

2017-07-14 06:11 - 2017-07-14 06:12 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2017-07-14 06:11 - 2017-07-14 06:12 - 000003452 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA

2017-07-14 06:11 - 2017-07-14 06:12 - 000003374 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf8dc0ce6bb10d

2017-07-14 06:11 - 2017-07-14 06:12 - 000003300 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2671885098-678752524-1400920573-1001

2017-07-14 06:11 - 2017-07-14 06:12 - 000003228 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore

2017-07-14 06:11 - 2017-07-14 06:12 - 000003150 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d0bf681e553bf8

2017-07-14 06:11 - 2017-07-14 06:12 - 000003070 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d08f601e825b6

2017-07-14 06:11 - 2017-07-14 06:12 - 000003070 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d040ece2e11a19

2017-07-14 06:11 - 2017-07-14 06:12 - 000003070 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2017-07-14 06:11 - 2017-07-14 06:12 - 000002802 _____ C:\WINDOWS\System32\Tasks\[email protected]

2017-07-14 06:11 - 2017-07-14 06:12 - 000002310 _____ C:\WINDOWS\System32\Tasks\Adobe Uninstaller

2017-07-14 06:11 - 2017-07-14 06:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard

2017-07-14 06:11 - 2017-07-14 06:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\Event Viewer Tasks

2017-07-14 05:56 - 2017-07-14 05:56 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2017-07-14 05:49 - 2017-07-14 05:59 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate

2017-07-14 05:47 - 2017-07-14 05:47 - 000000000 ____D C:\ProgramData\USOShared

2017-07-14 05:46 - 2017-07-31 15:07 - 000000000 ____D C:\Users\AIRWORX 2

2017-07-14 05:46 - 2017-07-14 06:05 - 000000000 ____D C:\Users\Administrator

2017-07-14 05:45 - 2017-08-01 06:03 - 001274834 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-07-14 05:44 - 2017-07-14 05:44 - 000939752 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI

2017-07-14 05:44 - 2017-07-14 05:44 - 000000000 ____D C:\WINDOWS\SysWOW64\sda

2017-07-14 05:39 - 2017-07-14 05:39 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies

2017-07-14 05:39 - 2017-07-14 05:39 - 000000000 ____D C:\Program Files\AMD

2017-07-14 05:39 - 2017-07-14 05:39 - 000000000 _____ C:\WINDOWS\ativpsrm.bin

2017-07-14 05:39 - 2017-03-18 13:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2017-07-14 05:38 - 2017-07-14 05:38 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2017-07-14 05:36 - 2017-08-01 06:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2017-07-14 05:36 - 2017-07-18 03:53 - 000532544 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-07-14 04:28 - 2017-07-14 04:28 - 000002103 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk

2017-07-14 03:44 - 2017-07-14 03:44 - 000087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys

2017-07-14 02:37 - 2017-07-14 02:38 - 195931824 ____N (Kaspersky Lab) C:\Users\AIRWORX 2\Downloads\kts17.0.0.611abcden_12159.exe

2017-07-13 13:47 - 2017-07-14 05:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2017-07-12 12:58 - 2017-07-12 12:58 - 000049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

2017-07-12 12:58 - 2017-07-12 12:58 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys

2017-07-12 12:58 - 2017-07-12 12:58 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys

2017-07-12 12:58 - 2017-07-12 12:58 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

2017-07-12 09:29 - 2017-07-31 02:44 - 000000000 ____D C:\ProgramData\Kaspersky Lab

2017-07-12 09:29 - 2017-07-31 02:19 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab

2017-07-12 09:29 - 2017-07-14 05:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater

2017-07-12 09:29 - 2017-07-14 05:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan

2017-07-12 09:28 - 2017-07-14 02:39 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files

2017-07-12 06:53 - 2017-08-01 05:59 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2017-07-12 06:53 - 2017-07-31 02:43 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2017-07-12 06:53 - 2017-07-20 08:55 - 000000000 ____D C:\ProgramData\Malwarebytes

2017-07-12 06:53 - 2017-07-20 08:53 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2017-07-11 13:45 - 2017-07-14 09:28 - 000004565 _____ C:\VEW.txt

2017-07-11 09:24 - 2017-07-11 14:53 - 000010285 _____ C:\junk.txt

2017-07-11 04:04 - 2017-08-01 04:51 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys

2017-07-11 04:03 - 2017-08-01 05:56 - 000000000 ____D C:\Program Files\RogueKiller

2017-07-11 04:03 - 2017-07-27 07:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller

2017-07-11 04:03 - 2017-07-11 05:12 - 000000000 ____D C:\ProgramData\RogueKiller

2017-07-10 07:25 - 2017-07-10 07:25 - 000195346 ____N C:\Users\AIRWORX 2\Documents\wu170509.diagcab

2017-07-10 07:16 - 2017-07-10 07:16 - 130903960 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MRT.exe

2017-07-10 06:58 - 2017-07-11 10:29 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

2017-07-10 04:54 - 2017-07-10 04:53 - 000009804 ____N C:\Users\AIRWORX 2\Documents\GatewaySettings.bin

2017-07-10 04:53 - 2017-07-10 04:53 - 000009804 ____N C:\Users\AIRWORX 2\Downloads\GatewaySettings.bin

2017-07-10 04:53 - 2017-07-10 04:53 - 000009804 ____N C:\Users\AIRWORX 2\Downloads\GatewaySettings (1).bin

2017-07-07 09:56 - 2017-07-10 06:17 - 014379154 ____N C:\Users\AIRWORX 2\Desktop\calls and txtsBook2.xlsx

2017-07-07 09:40 - 2017-07-06 14:49 - 010381776 ____N C:\Users\AIRWORX 2\Desktop\SMSBackup.xml

2017-07-07 09:40 - 2017-07-06 14:48 - 000229555 ____N C:\Users\AIRWORX 2\Desktop\CallLogBackup.xml

2017-07-07 09:34 - 2017-07-07 09:34 - 002066258 ____N C:\Users\AIRWORX 2\Downloads\Backup_Archive (1).zip

2017-07-07 09:31 - 2017-07-07 09:31 - 000190279 ____N C:\Users\AIRWORX 2\Documents\calls.txt

2017-07-07 09:29 - 2017-07-07 09:29 - 002052994 ____N C:\Users\AIRWORX 2\Downloads\Backup_20170627192522.zip

2017-07-07 09:29 - 2017-06-27 19:25 - 010333207 ____N C:\Users\AIRWORX 2\Downloads\SMSBackup.xml

2017-07-07 09:29 - 2017-06-27 19:25 - 000190279 ____N C:\Users\AIRWORX 2\Downloads\CallLogBackup.xml

2017-07-07 09:28 - 2017-07-07 09:28 - 002066258 ____N C:\Users\AIRWORX 2\Downloads\Backup_Archive.zip

2017-07-06 12:30 - 2017-07-06 12:30 - 000002603 _____ C:\Users\Public\Desktop\POS - Rock Gym Pro.lnk

2017-07-06 12:30 - 2017-07-06 12:30 - 000002603 _____ C:\Users\Public\Desktop\Data Entry - Rock Gym Pro.lnk

2017-07-06 11:46 - 2017-07-06 11:46 - 000002775 ____N C:\Users\AIRWORX 2\Downloads\images.jpeg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-01 05:58 - 2017-03-18 04:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI

2017-08-01 05:58 - 2014-03-04 13:12 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Local\ESET

2017-08-01 05:57 - 2016-07-01 17:30 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin

2017-08-01 05:08 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\AppReadiness

2017-07-31 15:42 - 2017-02-20 08:22 - 000000000 ____D C:\Program Files\Recuva

2017-07-31 15:37 - 2014-01-21 15:23 - 000000000 ___RD C:\Users\AIRWORX 2\Google Drive

2017-07-31 15:24 - 2014-01-10 13:21 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Local\Packages

2017-07-31 15:16 - 2015-07-08 12:08 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Local\Western Digital

2017-07-31 15:16 - 2014-03-12 15:25 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Local\Nuance

2017-07-31 04:54 - 2017-03-18 14:03 - 000000000 ___HD C:\Program Files\WindowsApps

2017-07-31 03:51 - 2017-02-16 09:34 - 000000000 ___HD C:\DrFoneForAndroid

2017-07-31 02:19 - 2017-03-18 14:01 - 000000000 ____D C:\WINDOWS\INF

2017-07-31 02:19 - 2017-03-18 04:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

2017-07-31 02:19 - 2015-11-12 07:03 - 000000000 ____D C:\Program Files\Common Files\AV

2017-07-31 02:17 - 2015-10-29 23:28 - 000000000 ____D C:\Users\Default.migrated

2017-07-28 12:54 - 2014-03-26 13:47 - 000007609 _____ C:\Users\AIRWORX 2\AppData\Local\resmon.resmoncfg

2017-07-28 03:14 - 2015-01-29 18:03 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Local\ElevatedDiagnostics

2017-07-28 02:14 - 2017-03-18 14:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

2017-07-27 10:31 - 2012-07-25 22:26 - 000000222 _____ C:\WINDOWS\win.ini

2017-07-27 04:42 - 2017-03-18 13:51 - 000000000 ____D C:\WINDOWS\CbsTemp

2017-07-27 03:54 - 2017-06-26 09:52 - 000181160 _____ (ESET) C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys

2017-07-27 03:42 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\NDF

2017-07-26 19:47 - 2017-06-28 16:45 - 000000372 _____ C:\WINDOWS\Tasks\HPCeeScheduleForAIRWORX 2.job

2017-07-26 19:40 - 2015-01-29 16:07 - 000000519 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

2017-07-26 15:05 - 2015-07-13 07:14 - 000132848 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys

2017-07-26 09:41 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\Registration

2017-07-26 07:36 - 2014-03-06 03:09 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-07-26 07:02 - 2016-02-09 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TaxAct

2017-07-26 04:54 - 2017-06-26 07:43 - 000002065 _____ C:\Users\Public\Desktop\ESET Banking & Payment protection.lnk

2017-07-26 04:53 - 2014-05-15 13:29 - 000000000 ____D C:\Program Files (x86)\Brother

2017-07-26 04:53 - 2013-10-14 16:33 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2017-07-26 04:50 - 2014-12-30 17:16 - 000000000 ____D C:\Program Files (x86)\AVIGenerator2.0

2017-07-26 04:50 - 2014-05-15 13:29 - 000000000 ____D C:\Program Files (x86)\ControlCenter4

2017-07-25 09:32 - 2014-09-11 15:41 - 000000496 _____ C:\Users\AIRWORX 2\Desktop\ITSupport247 (3).website

2017-07-25 07:47 - 2014-04-18 14:27 - 000000000 ____D C:\Program Files (x86)\ASAP Utilities

2017-07-24 11:00 - 2017-02-20 09:27 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\VERIZON

2017-07-24 09:54 - 2013-10-14 16:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos

2017-07-24 05:40 - 2014-10-29 11:50 - 000000000 ____D C:\Users\Public\Documents\CyberLink

2017-07-24 05:40 - 2013-10-14 16:40 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools

2017-07-24 05:40 - 2013-10-14 16:40 - 000000000 ____D C:\Program Files (x86)\CyberLink

2017-07-24 05:39 - 2013-10-14 16:53 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat

2017-07-22 09:17 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\rescache

2017-07-21 10:44 - 2014-06-19 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SurveillanceSystem

2017-07-20 06:51 - 2014-03-26 16:20 - 000000000 ___RD C:\Users\AIRWORX 2\Dropbox

2017-07-19 09:59 - 2017-01-24 15:31 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2017-07-19 03:26 - 2014-06-19 09:37 - 000000000 ____D C:\Program Files (x86)\SurveillanceSystem

2017-07-18 22:47 - 2016-03-08 09:58 - 000000000 ____D C:\Users\AIRWORX 2\Documents\Outlook Files

2017-07-18 20:18 - 2015-07-30 12:30 - 000525312 _____ C:\Users\AIRWORX 2\Outlook.pst

2017-07-18 13:58 - 2014-03-12 15:25 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\.oit

2017-07-18 13:40 - 2014-11-12 15:43 - 000124551 ____H C:\Users\AIRWORX 2\Desktop\maxdesk.ini2

2017-07-18 13:40 - 2014-11-12 15:43 - 000008230 ____H C:\Users\AIRWORX 2\Desktop\PP11Thumbs.ptn2

2017-07-18 13:40 - 2014-09-04 12:53 - 000021516 ____H C:\Users\AIRWORX 2\Downloads\.ppinfocache

2017-07-18 13:39 - 2014-11-12 15:33 - 007196349 ____H C:\Users\AIRWORX 2\Desktop\PP11Thumbs.ptn

2017-07-18 13:27 - 2014-03-26 12:59 - 000042262 ____H C:\Users\AIRWORX 2\Documents\PP11Thumbs.ptn2

2017-07-18 04:30 - 2015-04-20 17:06 - 000000000 __RDO C:\Users\AIRWORX 2\OneDrive

2017-07-18 04:26 - 2017-02-20 09:10 - 000001887 ____N C:\Users\AIRWORX 2\Desktop\Recuva.lnk

2017-07-18 04:25 - 2016-10-02 22:21 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Local\ConnectedDevicesPlatform

2017-07-18 03:55 - 2017-02-13 05:55 - 000565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2017-07-18 03:51 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

2017-07-17 03:43 - 2016-04-19 19:11 - 000000000 ____D C:\Users\AIRWORX 2\Desktop\Alarm Activity Formatted Download_files

2017-07-15 06:57 - 2016-07-02 19:55 - 000002424 _____ C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2017-07-15 03:54 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\appcompat

2017-07-14 10:51 - 2017-06-20 08:47 - 000000000 ____D C:\Program Files (x86)\LG Electronics

2017-07-14 10:47 - 2013-10-14 16:40 - 000000000 ____D C:\ProgramData\WildTangent

2017-07-14 10:47 - 2013-10-14 16:40 - 000000000 ____D C:\Program Files (x86)\WildTangent Games

2017-07-14 10:46 - 2014-08-04 13:01 - 000000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2017-07-14 06:50 - 2017-03-18 14:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2017-07-14 06:50 - 2016-04-26 23:39 - 000000000 __RHD C:\Users\Public\AccountPictures

2017-07-14 06:35 - 2017-03-18 14:03 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template

2017-07-14 06:32 - 2017-03-18 14:06 - 000000000 ____D C:\WINDOWS\Setup

2017-07-14 06:31 - 2017-03-18 14:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12

2017-07-14 06:31 - 2017-03-18 14:03 - 000000000 ___SD C:\WINDOWS\system32\F12

2017-07-14 06:31 - 2017-03-18 14:03 - 000000000 ___RD C:\Program Files\Windows Defender

2017-07-14 06:31 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\migwiz

2017-07-14 06:31 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\appraiser

2017-07-14 06:31 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\ShellExperiences

2017-07-14 06:31 - 2017-03-18 14:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer

2017-07-14 06:31 - 2017-03-18 14:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2017-07-14 06:31 - 2017-03-18 14:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender

2017-07-14 06:24 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase

2017-07-14 06:23 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2017-07-14 06:23 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2017-07-14 06:23 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\Provisioning

2017-07-14 06:23 - 2017-03-18 04:40 - 000000000 ____D C:\WINDOWS\system32\Dism

2017-07-14 06:19 - 2016-07-16 04:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated

2017-07-14 06:14 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\inetsrv

2017-07-14 06:14 - 2017-03-18 13:59 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe

2017-07-14 06:14 - 2017-03-18 13:59 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe

2017-07-14 06:14 - 2017-03-18 13:59 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll

2017-07-14 06:14 - 2017-03-18 13:59 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll

2017-07-14 06:12 - 2017-03-18 19:31 - 000000000 ____D C:\WINDOWS\HoloShell

2017-07-14 06:12 - 2014-10-29 11:58 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat

2017-07-14 06:11 - 2017-03-18 14:03 - 000000000 __RHD C:\Users\Public\Libraries

2017-07-14 06:04 - 2014-07-02 11:24 - 000002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-07-14 06:02 - 2017-03-18 14:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2017-07-14 05:59 - 2017-06-27 05:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkasoft Evidence Center Ultimate

2017-07-14 05:59 - 2017-06-13 19:20 - 000000000 ____D C:\WINDOWS\system32\UNP

2017-07-14 05:59 - 2017-05-10 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shutterfly Uploader

2017-07-14 05:59 - 2017-05-03 08:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Family Lawyer

2017-07-14 05:59 - 2017-04-21 05:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cox Cloud Drive

2017-07-14 05:59 - 2017-03-18 14:03 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files

2017-07-14 05:59 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\FxsTmp

2017-07-14 05:59 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\ModemLogs

2017-07-14 05:59 - 2017-03-17 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Escaperoom Software

2017-07-14 05:59 - 2017-03-16 15:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2017-07-14 05:59 - 2017-02-20 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva

2017-07-14 05:59 - 2017-01-03 09:39 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dahuatech Smart Player

2017-07-14 05:59 - 2016-12-21 09:20 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2017-07-14 05:59 - 2016-10-27 03:53 - 000000000 ____D C:\WINDOWS\system32\nn-NO

2017-07-14 05:59 - 2016-09-30 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2017-07-14 05:59 - 2016-05-12 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect

2017-07-14 05:59 - 2016-04-28 08:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2017-07-14 05:59 - 2016-04-26 23:20 - 000000000 ____D C:\WINDOWS\ShellNew

2017-07-14 05:59 - 2015-06-08 09:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2017-07-14 05:59 - 2014-12-30 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVIGenerator2.0

2017-07-14 05:59 - 2014-04-18 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASAP Utilities

2017-07-14 05:59 - 2014-03-13 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software

2017-07-14 05:59 - 2014-03-13 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan

2017-07-14 05:59 - 2014-03-12 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PDF Create 7

2017-07-14 05:59 - 2014-03-12 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 14

2017-07-14 05:59 - 2014-03-04 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2017-07-14 05:59 - 2014-03-04 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rock Gym Pro

2017-07-14 05:59 - 2013-10-14 16:40 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2017-07-14 05:59 - 2013-10-14 16:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\SysWOW64\IME

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\spool

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\oobe

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\lv-LV

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\lt-LT

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\InputMethod

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\IME

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\et-EE

2017-07-14 05:52 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\en-GB

2017-07-14 05:52 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared

2017-07-14 05:52 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared

2017-07-14 05:51 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2017-07-14 05:51 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\InputMethod

2017-07-14 05:51 - 2016-02-04 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital

2017-07-14 05:51 - 2014-03-04 12:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services

2017-07-14 05:50 - 2017-06-26 07:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

2017-07-14 05:50 - 2017-05-31 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

2017-07-14 05:50 - 2014-03-13 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON

2017-07-14 05:50 - 2014-03-04 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL

2017-07-14 05:50 - 2013-10-14 16:38 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection

2017-07-14 05:49 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv

2017-07-14 05:49 - 2013-08-22 08:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy

2017-07-14 05:47 - 2017-03-18 14:03 - 000000000 ____D C:\ProgramData\USOPrivate

2017-07-14 05:46 - 2013-04-03 17:13 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages

2017-07-14 05:44 - 2017-03-18 04:40 - 000000000 ____D C:\WINDOWS\system32\Sysprep

2017-07-14 04:28 - 2014-03-04 16:20 - 000000000 ____D C:\ProgramData\Adobe

2017-07-13 13:48 - 2015-10-19 12:01 - 000000000 ____D C:\Program Files (x86)\Dropbox

2017-07-11 14:08 - 2014-03-06 03:09 - 000000000 ____D C:\WINDOWS\system32\MRT

2017-07-11 12:11 - 2017-06-13 19:20 - 000000000 ____D C:\Program Files\UNP

2017-07-11 12:03 - 2017-06-27 16:06 - 000000000 ____D C:\WINDOWS\pss

2017-07-10 15:42 - 2017-06-16 12:04 - 000000000 ____D C:\Users\AIRWORX 2\Desktop\Babe

2017-07-10 10:26 - 2017-02-16 07:35 - 000000000 ____D C:\Program Files (x86)\Wondershare

2017-07-10 06:42 - 2016-07-01 14:24 - 000000000 ____D C:\Windows10Upgrade

2017-07-10 06:30 - 2015-09-07 08:21 - 000000678 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2671885098-678752524-1400920573-1001.job

2017-07-07 10:46 - 2015-12-14 11:13 - 000113371 ____N C:\Users\AIRWORX 2\Desktop\Book2.xlsx

2017-07-06 12:30 - 2014-10-23 16:52 - 000002603 _____ C:\Users\Public\Desktop\Calendar - Rock Gym Pro.lnk

2017-07-06 12:30 - 2014-03-04 13:30 - 000002603 _____ C:\Users\Public\Desktop\CheckIn - Rock Gym Pro.lnk

2017-07-06 12:30 - 2014-03-04 13:30 - 000000000 ____D C:\Program Files (x86)\Rock Gym Pro

2017-07-03 15:04 - 2016-10-27 13:08 - 000000000 ____D C:\Users\AIRWORX 2\AppData\Roaming\ThisLife

==================== Files in the root of some directories =======

2015-04-01 09:26 - 2005-12-08 19:51 - 000000060 ____R () C:\Program Files (x86)\BRINST.INI

2017-04-14 06:58 - 2017-04-14 06:58 - 000000000 _____ () C:\Users\AIRWORX 2\AppData\Roaming\IVOPEN.$$$

2014-12-17 10:09 - 2014-12-17 10:10 - 000012962 _____ () C:\Users\AIRWORX 2\AppData\Roaming\Microsoft Excel 97-2003.CAL

2014-03-26 13:47 - 2017-07-28 12:54 - 000007609 _____ () C:\Users\AIRWORX 2\AppData\Local\resmon.resmoncfg

2015-12-09 12:34 - 2015-12-09 12:34 - 000000145 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

2014-03-24 15:02 - 2014-10-23 13:06 - 000000226 _____ () C:\ProgramData\RSUserCfg.ini

Files to move or delete:

====================

C:\Users\AIRWORX 2\ASAP_Utilities_5-2-1_HS_Setup.exe

C:\Users\AIRWORX 2\WDMyCloud_win.exe

Some files in TEMP:

====================

2017-07-24 09:42 - 2017-07-24 09:42 - 005146944 _____ (Seagate) C:\Users\AIRWORX 2\AppData\Local\Temp\6E330CFC-ACCF-452F-A6C9-1B82B0413B6D.exe

2017-08-01 04:48 - 2017-07-14 06:30 - 001930320 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\AppData\Local\Temp\dllnt_dump.dll

2013-10-05 01:38 - 2013-10-05 01:38 - 000455328 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\AppData\Local\Temp\msvcp120.dll

2013-10-05 01:38 - 2013-10-05 01:38 - 000970912 _____ (Microsoft Corporation) C:\Users\AIRWORX 2\AppData\Local\Temp\msvcr120.dll

2016-07-30 17:08 - 2016-07-30 17:08 - 003112960 _____ (Jason York) C:\Users\AIRWORX 2\AppData\Local\Temp\pc-decrapifier.exe

2017-07-28 02:28 - 2017-07-28 02:28 - 000510752 _____ (Acronis) C:\Users\AIRWORX 2\AppData\Local\Temp\setupapp_amd64.exe

2017-07-28 02:28 - 2017-07-28 02:28 - 000540432 _____ () C:\Users\AIRWORX 2\AppData\Local\Temp\setupnt64.dll

2017-07-26 04:50 - 2006-05-24 10:10 - 000455600 _____ (Macrovision Corporation) C:\Users\AIRWORX 2\AppData\Local\Temp\_isC014.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-27 06:17

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2017

Ran by AIRWORX 2 (01-08-2017 06:23:29)

Running from C:\Users\AIRWORX 2\Desktop

Windows 10 Home Version 1703 (X64) (2017-07-14 13:25:55)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2671885098-678752524-1400920573-500 - Administrator - Disabled) => C:\Users\Administrator

AIRWORX 2 (S-1-5-21-2671885098-678752524-1400920573-1001 - Administrator - Enabled) => C:\Users\AIRWORX 2

DefaultAccount (S-1-5-21-2671885098-678752524-1400920573-503 - Limited - Disabled)

Guest (S-1-5-21-2671885098-678752524-1400920573-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AV: ESET Smart Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}

AS: ESET Smart Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}

AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Photoshop Elements 4.0 (HKLM-x32\...\Adobe Photoshop Elements 4) (Version: 4.0 - Adobe Systems Inc.)

Adobe Reader XI (11.0.20) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)

Alcor Micro USB Card Reader Driver (HKLM-x32\...\{05E5AD66-7CD0-4719-A229-0D3A7A5240D2}) (Version: 20.22.2217.13862 - Alcor Micro Corp.) Hidden

Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.22.2217.13862 - Alcor Micro Corp.)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)

AMD Catalyst Install Manager (HKLM\...\{40959651-122E-1A16-9011-40629C01703F}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)

ASAP Utilities (HKLM-x32\...\ASAP Utilities_is1) (Version: 7.1 - Bastien Mensink - A Must in Every Office BV)

Broderbund Family Lawyer (HKLM-x32\...\{ED95E1BA-8C35-4D78-8A20-FD5A728711E2}) (Version: 1.00.0000 - Bluecase) Hidden

Broderbund Family Lawyer (HKLM-x32\...\InstallShield_{ED95E1BA-8C35-4D78-8A20-FD5A728711E2}) (Version: 1.00.0000 - Bluecase)

Cloud Drive (HKLM-x32\...\{F40EC703-6B64-4C2D-80BC-5ED2D8295C04}) (Version: 5.1.30.18 - Cox Secure Online Backup for Windows)

Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )

CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.3003 - CyberLink Corp.)

Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4608 - CyberLink Corp.)

CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3007 - CyberLink Corp.)

Drag and Drop Backup (HKLM-x32\...\{480EA68A-699D-450D-9869-2216AC49D23C}) (Version: 2.1.33 - Cox)

Dropbox (HKLM-x32\...\Dropbox) (Version: 30.4.22 - Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden

Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )

Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )

Escaperoom Software (HKLM-x32\...\{7BAA7E0D-9B92-4FE7-AEC8-F11EAE801922}) (Version: 3.1.0.0 - Escaperoom Software)

ESET Smart Security (HKLM\...\{2B587448-4CE3-4196-A237-A425E557F052}) (Version: 10.1.204.0 - ESET, spol. s r.o.)

Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)

Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden

Hewlett-Packard ACLM.NET v1.2.2.1 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden

HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)

HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6668.4491 - Hewlett-Packard)

HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.4.19.3 - Hewlett-Packard Company)

HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)

HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.7.27.15 - HP)

Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)

Kaspersky Security Scan (HKLM-x32\...\{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab) Hidden

Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)

Kaspersky Software Updater (HKLM-x32\...\{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab) Hidden

Kaspersky Software Updater (HKLM-x32\...\InstallWIX_{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab)

Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)

Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

MySQL Connector/ODBC 5.1 (HKLM-x32\...\{38CDEC3E-ABC4-4EB8-BE3B-2181A97813AE}) (Version: 5.1.12 - Oracle Corporation)

MySQL Server 5.0 (HKLM-x32\...\{97EFE060-CE35-4709-9B3A-5D3C8F686FED}) (Version: 5.0.90 - MySQL AB)

Nuance PaperPort 14 (HKLM-x32\...\{14CB3B82-FBDC-4462-919E-86147983F09B}) (Version: 14.5.0000 - Nuance Communications, Inc.)

Nuance PDF Create 7 (HKLM\...\{AAA715B7-02F9-4F2D-92C9-80EC63835AA1}) (Version: 7.10.6408 - Nuance Communications, Inc.)

Nuance PDF Create 7 (HKLM-x32\...\{AAA715B7-02F9-4F2D-92C9-80EC63835AA1}) (Version: 7.10.6408 - Nuance Communications, Inc.)

Nuance PDF Viewer Plus (HKLM-x32\...\{FC984E39-43D0-4AB2-ACC7-A7B87977B009}) (Version: 7.20.3274 - Nuance Communications, Inc.)

PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0001 - Nuance Communications, Inc.)

Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)

Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.6208 - CyberLink Corp.) Hidden

Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)

Rock Gym Pro (HKLM-x32\...\{827570FB-0E88-444C-ADBC-9E799571E292}) (Version: 1.1.21247 - RGP Development LLC)

RogueKiller version 12.11.8.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.8.0 - Adlice Software)

Scansoft PDF Create (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)

Shutterfly Uploader (HKLM-x32\...\{CD928A00-1C70-4353-B9B9-7BC8600F3E43}) (Version: 2.9.0.737 - Shutterfly, Inc.)

Smart Player (HKLM-x32\...\Smart Player3.00.0) (Version: 3.00.0 - Zhejiang Dahua Technology Co.,LTD.)

Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden

Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)

SyncFileSetup (x86) (HKLM-x32\...\{04848A0A-02B1-4703-B15D-6E7DCF95FB84}) (Version: 1.3.5949.26210 - Western Digital Technologies, Inc) Hidden

TaxAct 2016 1040 Edition (HKLM-x32\...\TaxAct 2016 1040 Edition) (Version: 1.03 - TaxAct, Inc.)

WD Sync (HKLM-x32\...\{0d591303-bbc5-4645-a03b-1c3f75f1a762}) (Version: 1.3.5949.26210 - Western Digital Technologies, Inc.)

Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)

Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)

WorkForce GT-1500 Scanner Driver Update (HKLM-x32\...\{37D0F29D-AB95-4598-ACF0-D3CC38C161D9}) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2671885098-678752524-1400920573-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\AIRWORX 2\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll => No File

CustomCLSID: HKU\S-1-5-21-2671885098-678752524-1400920573-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\AIRWORX 2\AppData\Local\Citrix\GoToMeeting\1350\G2MOutlookAddin64.dll => No File

CustomCLSID: HKU\S-1-5-21-2671885098-678752524-1400920573-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\AIRWORX 2\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncApi64.dll => No File

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)

ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)

ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-07-26] (ESET)

ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)

ContextMenuHandlers1: [WDSyncContextMenuHandler] -> {5A51BDCB-F8C2-4698-B79C-A77DF0AA466B} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)

ContextMenuHandlers1: [Zeon.MFCDirectShellExt] -> {353C642C-F13D-4699-9FF2-EFAF490B6C69} => C:\Program Files (x86)\Nuance\PDFCreate\bin\DirectShellExt.dll [2010-07-16] (Zeon International Investment Corp. )

ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-07-26] (ESET)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)

ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)

ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)

ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)

ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-07-26] (ESET)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)

ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)

ContextMenuHandlers6: [WDSyncContextMenuHandler] -> {5A51BDCB-F8C2-4698-B79C-A77DF0AA466B} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {005B78DE-9ECF-4C1D-85D3-6330FE864BA6} - System32\Tasks\GoogleUpdateTaskMachineCore1d040ece2e11a19 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {073958F3-8E5F-4CF7-8625-ABD15377481E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)

Task: {0A1E4A40-752E-425E-B7D0-0A0AE002C93C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {259AE203-7AAC-4A0D-93DD-5EB4EE090A28} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

Task: {264F49CB-3415-488D-B8DA-9F6F8BE48331} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)

Task: {2E84AC4F-16D2-4F2F-AF13-EF11260452E1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {2EE58945-C40B-43A8-A167-173E412D9D98} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf681e553bf8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe

Task: {37C32B19-9630-4A28-9E5A-8EA8CD06CFA2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-24] (Dropbox, Inc.)

Task: {438F072B-AAE9-40AF-AC57-02A64C04DE3D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {46064571-564C-4D46-9842-A167DDF1D942} - System32\Tasks\GoogleUpdateTaskMachineCore1d08f601e825b6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {4F1C7B6F-3451-443B-A7EA-F05EF590C939} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {4FD0925E-6E79-4BC0-A382-3D5CCA5C36B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-06-28] (HP Inc.)

Task: {56FA405C-914E-41DB-A1DA-640837A26134} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)

Task: {5DB34D0B-4B82-47F6-B06D-2D195446A83A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {68A4B540-8EA0-495A-8FFE-A62A0B5336C7} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)

Task: {6A1EA711-CB37-414D-BDA8-AB497C20E668} - System32\Tasks\HPCeeScheduleForAIRWORX 2 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

Task: {70DBC4DD-6DE6-48DB-A77B-732338AD113D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)

Task: {78F037B8-98B7-4FB4-8208-86D30D156F8F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {7A8C073B-9921-4385-A061-FF8B5410A453} - System32\Tasks\{39393239-4118-43A9-9EF4-579F68CFC882} => C:\WINDOWS\system32\pcalua.exe -a C:\PROGRA~2\SAAZOD\Uninstall\uninstall.exe -c "/U:C:\PROGRA~2\SAAZOD\Uninstall\uninstall.xml"

Task: {8258540A-E194-4B1C-A446-B100E53A7B7B} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe

Task: {8A6CE6D2-BAFF-47BD-B636-5632FA76D78E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)

Task: {8EE60D19-E484-4EC5-87B6-BEB1AE19CF50} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8dc0ce6bb10d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {8F630B83-069D-434E-B4C4-59AD3C10A507} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

Task: {916845C6-0741-433C-AC62-C4B3A5F302DB} - System32\Tasks\S-1-5-21-2671885098-678752524-1400920573-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)

Task: {A06C2463-6FDA-437F-BFAC-91F03898B57C} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION

Task: {A7CF62C0-17A6-42AB-A10F-9A6C446B7B33} - System32\Tasks\G2MUploadTask-S-1-5-21-2671885098-678752524-1400920573-1001 => C:\Users\AIRWORX 2\AppData\Local\Citrix\GoToMeeting\5530\g2mupload.exe [2016-09-03] (Citrix Online, a division of Citrix Systems, Inc.)

Task: {ACE8B2E6-FDA5-4314-A2D5-4B96CC439AEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)

Task: {AF0278DE-91EC-48AE-BDAF-F7FE516AF428} - System32\Tasks\{32B26120-173E-4516-BA92-CE080FB3608E} => C:\WINDOWS\system32\pcalua.exe -a F:\Display_menu.exe -d F:\

Task: {B9FA1D84-F00D-445B-8400-F7C7E90DD53E} - System32\Tasks\RGP Backup => C:\Program Files (x86)\Rock Gym Pro\Backup.exe [2017-06-04] ()

Task: {CE775C70-F807-4E1F-891C-712F82A9408E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {D7E60E76-AB93-449D-99DB-17494EB2C958} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {E622463C-A190-4A30-A528-A6EF1AACE5FC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-24] (Dropbox, Inc.)

Task: {E6505B7C-6B08-451F-A300-AF1087B421C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2671885098-678752524-1400920573-1001.job => C:\Users\AIRWORX 2\AppData\Local\GoToMeeting\7297\g2mupload.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d040ece2e11a19.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08f601e825b6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\HPCeeScheduleForAIRWORX 2.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d76736477ba15566\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 10"

ShortcutWithArgument: C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"

ShortcutWithArgument: C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

ShortcutWithArgument: C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\600fb694c0849943\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 9"

ShortcutWithArgument: C:\Users\AIRWORX 2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Brandi - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) ==============

2005-09-09 03:24 - 2005-09-09 03:24 - 000102400 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

2015-11-04 16:43 - 2015-11-04 16:43 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2017-07-20 08:55 - 2017-06-27 12:06 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll

2017-03-18 13:58 - 2017-03-18 13:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll

2017-03-18 13:59 - 2017-03-18 19:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2015-12-15 13:38 - 2015-12-15 13:38 - 000326112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll

2015-10-27 16:44 - 2015-10-27 16:44 - 000404952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ipm_service.dll

2014-12-11 17:40 - 2014-12-11 17:40 - 040622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll

2016-11-26 23:42 - 2016-11-26 23:42 - 000332104 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\dblite.dll

2016-12-21 20:21 - 2016-12-21 20:21 - 045077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libcef.dll

2016-11-26 23:37 - 2016-11-26 23:37 - 000418512 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\ipm_service.dll

2017-07-13 13:47 - 2017-07-12 12:58 - 000746816 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll

2017-07-13 13:47 - 2017-07-12 12:58 - 001787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll

2015-12-11 01:07 - 2017-07-12 12:58 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd

2015-12-11 01:07 - 2017-07-12 13:01 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 001862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd

2017-07-13 13:47 - 2017-07-12 12:58 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd

2017-07-13 13:47 - 2017-07-12 12:58 - 000020432 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd

2017-07-13 13:47 - 2017-07-12 12:58 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll

2015-12-11 01:07 - 2017-07-12 12:58 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd

2016-08-06 10:17 - 2017-07-12 13:01 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd

2017-07-13 13:47 - 2017-07-12 12:58 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll

2017-07-13 13:47 - 2017-07-12 12:58 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd

2015-12-11 01:07 - 2017-07-12 13:01 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd

2016-08-06 10:17 - 2017-07-12 13:01 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 000022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd

2017-05-17 12:53 - 2017-07-12 13:01 - 000082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd

2015-12-11 01:07 - 2017-07-12 13:01 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 003928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 001826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 001972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 000171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 000042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 000531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 000133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 000224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 000207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd

2017-02-24 11:41 - 2017-07-12 13:01 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd

2017-01-23 12:26 - 2017-07-12 13:01 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd

2016-04-15 15:18 - 2017-07-12 13:01 - 000069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd

2017-01-23 12:26 - 2017-07-12 13:01 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd

2017-01-23 12:26 - 2017-07-12 13:01 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd

2017-01-23 12:26 - 2017-07-12 13:01 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd

2015-12-11 01:07 - 2017-07-12 12:58 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 000103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd

2016-02-25 12:07 - 2017-07-12 13:01 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 000025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd

2017-07-13 13:47 - 2017-07-12 12:58 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll

2017-07-13 13:47 - 2017-07-12 12:59 - 000033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd

2017-07-13 13:47 - 2017-07-12 12:58 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll

2017-07-13 13:47 - 2017-07-12 12:59 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL

2016-07-28 16:09 - 2017-07-12 13:01 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd

2017-07-13 13:47 - 2017-07-12 12:59 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll

2017-07-13 13:47 - 2017-07-12 12:59 - 001637688 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll

2016-08-06 10:17 - 2017-07-12 13:01 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd

2017-04-07 11:59 - 2017-07-12 13:01 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 000546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd

2017-07-13 13:47 - 2017-07-12 13:00 - 000357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd

2016-12-21 20:21 - 2016-12-21 20:21 - 001650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libglesv2.dll

2016-12-21 20:21 - 2016-12-21 20:21 - 000082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\AIRWORX 2\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper

DNS Servers: 68.105.28.11 - 68.105.29.11

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: CDPUserSvc_492c3 => 2

MSCONFIG\Services: CDPUserSvc_5d4d8 => 2

MSCONFIG\Services: GoToAssist => 3

MSCONFIG\Services: MessagingService_492c3 => 3

MSCONFIG\Services: MessagingService_5d4d8 => 3

MSCONFIG\Services: OneSyncSvc_492c3 => 2

MSCONFIG\Services: OneSyncSvc_5d4d8 => 2

HKLM\...\StartupApproved\StartupFolder: => "BackupRemind.lnk"

HKLM\...\StartupApproved\StartupFolder: => "Cox Cloud Drive.lnk"

HKLM\...\StartupApproved\Run: => "SysTrayApp"

HKLM\...\StartupApproved\Run: => "BeatsOSDApp"

HKLM\...\StartupApproved\Run: => "Lathem.USBTM.UI"

HKLM\...\StartupApproved\Run: => "Seagate Scheduler2 Service"

HKLM\...\StartupApproved\Run32: => "StartCCC"

HKLM\...\StartupApproved\Run32: => "Adobe ARM"

HKLM\...\StartupApproved\Run32: => "ISUSPM"

HKLM\...\StartupApproved\Run32: => "PPort14reminder"

HKLM\...\StartupApproved\Run32: => "IndexSearch"

HKLM\...\StartupApproved\Run32: => "PaperPort PTD"

HKLM\...\StartupApproved\Run32: => "PDFCreHook"

HKLM\...\StartupApproved\Run32: => "PDFProHook"

HKLM\...\StartupApproved\Run32: => "PDF7 Registry Controller"

HKLM\...\StartupApproved\Run32: => "EEventManager"

HKLM\...\StartupApproved\Run32: => "Adobe Photo Downloader"

HKLM\...\StartupApproved\Run32: => "ControlCenter4"

HKLM\...\StartupApproved\Run32: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "DiscWizardMonitor.exe"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "Vault Explorer Cache Watcher"

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\StartupApproved\StartupFolder: => "Verizon Wireless Software Utility Application for Android – Samsung.lnk"

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-2671885098-678752524-1400920573-1001\...\StartupApproved\Run: => "SmartSwitchPDLR.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

31-07-2017 09:26:21 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Microsoft Wi-Fi Direct Virtual Adapter #2

Description: Microsoft Wi-Fi Direct Virtual Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: vwifimp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:

==================

Error: (08/01/2017 06:24:23 AM) (Source: MySQL) (EventID: 100) (User: )

Description: Aborting

For more information, see Help and Support Center at http://www.mysql.com.

Error: (08/01/2017 06:24:23 AM) (Source: MySQL) (EventID: 100) (User: )

Description: Default storage engine (InnoDB) is not available

For more information, see Help and Support Center at http://www.mysql.com.

Error: (08/01/2017 06:23:22 AM) (Source: MySQL) (EventID: 100) (User: )

Description: Aborting

For more information, see Help and Support Center at http://www.mysql.com.

Error: (08/01/2017 06:23:22 AM) (Source: MySQL) (EventID: 100) (User: )

Description: Default storage engine (InnoDB) is not available

For more information, see Help and Support Center at http://www.mysql.com.

Error: (08/01/2017 06:22:21 AM) (Source: MySQL) (EventID: 100) (User: )

Description: Aborting

For more information, see Help and Support Center at http://www.mysql.com.

Error: (08/01/2017 06:22:21 AM) (Source: MySQL) (EventID: 100) (User: )

Description: Default storage engine (InnoDB) is not available

For more information, see Help and Support Center at http://www.mysql.com.

Error: (08/01/2017 06:21:20 AM) (Source: MySQL) (EventID: 100) (User: )

Description: Aborting

For more information, see Help and Support Center at http://www.mysql.com.

Error: (08/01/2017 06:21:20 AM) (Source: MySQL) (EventID: 100) (User: )

Description: Default storage engine (InnoDB) is not available

For more information, see Help and Support Center at http://www.mysql.com.

Error: (08/01/2017 06:20:20 AM) (Source: MySQL) (EventID: 100) (User: )

Description: Aborting

For more information, see Help and Support Center at http://www.mysql.com.

Error: (08/01/2017 06:20:20 AM) (Source: MySQL) (EventID: 100) (User: )

Description: Default storage engine (InnoDB) is not available

For more information, see Help and Support Center at http://www.mysql.com.

System errors:

=============

Error: (08/01/2017 06:24:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )