Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Maleware Problem????


  • This topic is locked This topic is locked
16 replies to this topic

#1 CandyGirl1959

CandyGirl1959

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Douglasville, GA
  • Local time:12:52 AM

Posted 27 September 2016 - 02:20 PM

I have been working with Condobloke, i ran these scans to get more help, the first scans are under forum Key Board Problem, but i will try to list them here. Here's the Addition Results of Farbr:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016
Ran by Wisdom (administrator) on WISDOM-PC (27-09-2016 14:48:01)
Running from C:\Users\Wisdom\Desktop
Loaded Profiles: Wisdom &  (Available Profiles: Wisdom & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Webroot) C:\Program Files\Webroot\WRSA.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Windows ® Win 7 DDK provider) C:\Windows\System32\DbxSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\MBAMService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
() C:\Users\Wisdom\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sling Media Inc.) C:\Program Files (x86)\DishAnywhereDesktop\DishAnywherePlayer.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sling Media Inc.) C:\Program Files (x86)\DishAnywhereDesktop\DishAnywherePlayer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [VerizonCloud] => C:\Program Files\Verizon\VerizonCloud\VerizonCloud.exe [2136728 2015-12-03] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [937520 2016-08-23] (Webroot)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2631120 2016-07-28] (Malwarebytes Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25382344 2016-09-19] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-08-15] (Microsoft Corporation)
HKU\S-1-5-21-300878534-179229815-3550441383-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-300878534-179229815-3550441383-1000\...\Run: [Amazon Music] => C:\Users\Wisdom\AppData\Local\Amazon Music\Amazon Music Helper.exe [5908968 2016-06-16] ()
HKU\S-1-5-21-300878534-179229815-3550441383-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-300878534-179229815-3550441383-1000\...\Run: [SynchronossPC] => C:\Program Files\Verizon\VerizonCloud\VerizonCloud.exe [2136728 2015-12-03] ()
HKU\S-1-5-21-300878534-179229815-3550441383-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\WaterWorks (Sorted)\WaterWorks (Sorted).scr [21257741 2004-07-12] ()
HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\Wisdom\AppData\Local\Amazon Music\Amazon Music Helper.exe [5908968 2016-06-16] ()
HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SynchronossPC] => C:\Program Files\Verizon\VerizonCloud\VerizonCloud.exe [2136728 2015-12-03] ()
HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\WaterWorks (Sorted)\WaterWorks (Sorted).scr [21257741 2004-07-12] ()
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-08-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Blocked)] -> {C418E880-6280-4010-A888-FD76028E5511} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-12-03] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (InSync)] -> {5F4A6070-DB92-4C56-A487-F3850430608F} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-12-03] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Pending)] -> {EE73A341-C788-4A6B-B1EF-DDBFC0F190B6} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-12-03] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Syncing)] -> {28CDCD88-B179-49D6-8B21-1A9AF9C0AE13} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-12-03] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-19] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-19] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Malwarebytes Anti-Ransomware.lnk [2016-04-04]
ShortcutTarget: Malwarebytes Anti-Ransomware.lnk -> C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe (Malwarebytes)
Startup: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DishAnywherePlayerShortcut.lnk [2016-06-09]
ShortcutTarget: DishAnywherePlayerShortcut.lnk -> C:\Program Files (x86)\DishAnywhereDesktop\DishAnywherePlayer.exe (Sling Media Inc.)
Startup: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-09-11]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction ? <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{A6AD33A7-E410-467E-BC1C-F13AB18F5D0F}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{B75949D0-D0F6-4B34-B5F6-63FF39307186}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{E9464C29-3583-439E-9513-87A0B181BC85}: [NameServer] 0.0.0.0
 
Internet Explorer:
==================
HKU\S-1-5-21-300878534-179229815-3550441383-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.yahoo.com/
HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.yahoo.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-300878534-179229815-3550441383-1000 -> {3982CCF8-C4B0-44F6-BCD1-3323581C422F} URL = hxxp://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-300878534-179229815-3550441383-1000 -> {9F15F4BE-DE2D-463F-BACB-2DA9EA3E027E} URL = hxxp://rover.ebay.com/rover/1/711-43047-14818-1/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-300878534-179229815-3550441383-1000 -> {D1C64F3C-63C6-4EFF-91DC-B9FA6C824AB7} URL = hxxp://www.youtube.com/results?search_query={searchTerms}
SearchScopes: HKU\S-1-5-21-300878534-179229815-3550441383-1000 -> {D6F5F778-15EA-4CC2-AFC5-6F8C7542B190} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3982CCF8-C4B0-44F6-BCD1-3323581C422F} URL = hxxp://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9F15F4BE-DE2D-463F-BACB-2DA9EA3E027E} URL = hxxp://rover.ebay.com/rover/1/711-43047-14818-1/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D1C64F3C-63C6-4EFF-91DC-B9FA6C824AB7} URL = hxxp://www.youtube.com/results?search_query={searchTerms}
SearchScopes: HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D6F5F778-15EA-4CC2-AFC5-6F8C7542B190} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-09-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-26] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-09-05] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-26] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\Wisdom\AppData\Roaming\Mozilla\Firefox\Profiles\4vjzk3hs.default
FF DefaultSearchEngine: Bing 
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Homepage: www.yahoo.com
FF Keyword.URL: hxxp://www.bing.com/search?FORM=U313DF&PC=U313&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-300878534-179229815-3550441383-1000: DISH Anywhere.com/DISH Anywhere Video Player -> C:\Users\Wisdom\AppData\Roaming\DISH Anywhere\DISH Anywhere Video Player\npNMPCBrowserPlugin.dll [2015-11-23] (Nagravision)
FF Plugin HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: DISH Anywhere.com/DISH Anywhere Video Player -> C:\Users\Wisdom\AppData\Roaming\DISH Anywhere\DISH Anywhere Video Player\npNMPCBrowserPlugin.dll [2015-11-23] (Nagravision)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Wisdom\AppData\Roaming\Mozilla\Firefox\Profiles\4vjzk3hs.default\searchplugins\bing-.xml [2016-01-02]
FF Extension: (Bing Search) - C:\Users\Wisdom\AppData\Roaming\Mozilla\Firefox\Profiles\4vjzk3hs.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-01-02]
FF Extension: (Adblock Plus) - C:\Users\Wisdom\AppData\Roaming\Mozilla\Firefox\Profiles\4vjzk3hs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
 
Chrome: 
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default [2016-09-27]
CHR Extension: (Google Slides) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-17]
CHR Extension: (AccuRadio) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnjfaipcnkkaepmlkobfohnlmdpfflm [2016-06-30]
CHR Extension: (Google Docs) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-17]
CHR Extension: (Google Drive) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Expedia Member Only Deals) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfbpcgmafclgfmpoelldpmiolgblgbel [2016-08-16]
CHR Extension: (Adblock Plus) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-23]
CHR Extension: (Amazon Music with Prime Music) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkfgcfgfpgmkogcnibdjcckkpdiajgp [2016-06-30]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2016-06-30]
CHR Extension: (Google Search) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Netflix) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2016-06-30]
CHR Extension: (Polarr Photo Editor) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2016-09-06]
CHR Extension: (Word Search) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj [2016-06-30]
CHR Extension: (Chrome Connectivity Diagnostics) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc [2016-06-30]
CHR Extension: (Google Sheets) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-17]
CHR Extension: (☯ Relax.li ☯) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnnkcmgiefaeohknpnjoglnmddfhkopb [2016-06-30]
CHR Extension: (Plex) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2016-09-26]
CHR Extension: (Google Play Movies & TV) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdijeikdkaembjbdobgfkoidjkpbmlkd [2016-06-30]
CHR Extension: (Word search) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggckablhhmjagmokplgnbamljajnhanm [2016-06-30]
CHR Extension: (Google Docs Offline) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Google Photos) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcglmfcclpfgljeaiahehebeoaiicbko [2016-06-30]
CHR Extension: (Word Search Deluxe (lite)) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hddfdcmelneabfonnddnkiejafobfjna [2016-06-30]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-09-10]
CHR Extension: (Test your Internet speed) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hekhmbhledgahgpondpnaeaffoipehch [2015-09-23]
CHR Extension: (Christmas Word Search Puzzles) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmfflckamnfleohfjdhklkjcfohbpfe [2016-06-30]
CHR Extension: (Rain) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgpgdeoobkmfokcnnneieakcplhaofed [2016-05-30]
CHR Extension: (ZenCast) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hncgklnmcokagjlmdkjneiabailabkop [2016-05-30]
CHR Extension: (Crackle) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2016-06-30]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2016-06-30]
CHR Extension: (Live Wallpaper New Tab Page) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjcnnoaicikcadpighglbdgjkmoddic [2016-05-30]
CHR Extension: (Yahoo Homepage) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccfgghhbihbhomnlnadpjhkhmmboanj [2016-09-01]
CHR Extension: (moodstream.net (standard)) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhbfhdhkiompjaofhkiabbefdhbnhdlp [2016-05-28]
CHR Extension: (Pixlr Touch Up) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jklljiahjgoglchglekebfljnmbaleig [2016-06-30]
CHR Extension: (Journey (Diary, Journal)) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlncjaehedpdoinepaejmlpbmdkgmpog [2016-09-08]
CHR Extension: (Word Search Puzzle Game) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jninklaodadoeedinndhhlcflpmagfhd [2016-09-10]
CHR Extension: (Noisli) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\klejemegaoblahjdpcajmpcnjjmkmkkf [2016-07-14]
CHR Extension: (Google Hangouts) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2016-09-20]
CHR Extension: (Flash® Player for YouTube™) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajdkhdcndkniopfefocbgbkofflagpm [2016-06-30]
CHR Extension: (Offers.com Coupon Codes and Deals) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldfbhjdnnfkhjjfgpodhciohomgdpcgd [2016-09-24]
CHR Extension: (Undrtone) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgmofnojandiebjkejljonkmnappehpb [2015-09-23]
CHR Extension: (Fireplace) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjnhkmdlhpjalapikmdocokkigmhimo [2016-06-30]
CHR Extension: (Google Maps) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-06-30]
CHR Extension: (Heavenly Meditated (FREE)) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhappffajjlepfcdbmellpmkmajmhonl [2016-05-30]
CHR Extension: (IOS 7 Home) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmapjnboohofgcploolgjojhcdedckha [2015-09-23]
CHR Extension: (Google Play Books) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2016-06-30]
CHR Extension: (Word Search Game) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnlmhopennceddgbnknlhmdgbjfleapp [2016-06-30]
CHR Extension: (Sunrise Calendar) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mojepfklcankkmikonjlnidiooanmpbb [2016-06-30]
CHR Extension: (Flair Player) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpkhmenokpjamhajlajnldibdjkacgcp [2016-06-30]
CHR Extension: (Mahjong Solitaire) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc [2016-09-10]
CHR Extension: (WeatherBug) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2016-06-30]
CHR Extension: (Word Search) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbimfhkdlhlflmfikaglfelodpcdfmd [2015-09-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Songist) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnchdmhblnennhiogcnojdodjgjcdehk [2016-06-30]
CHR Extension: (piZap Photo Editor) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\occpjibghkbopohbefbejkklnfdkdmok [2016-06-30]
CHR Extension: (Backgrounds Every Day) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\oikopohbkicbnneinipgiihiijhephop [2016-09-10]
CHR Extension: (Blue Ridge Mountains, N.C.) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooepbjbckhikiaibnkhlfhbfkmgaomig [2016-06-30]
CHR Extension: (Rollip - Photo Effects) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooikhmcdpofogemaldinihdhidaokcmp [2016-06-30]
CHR Extension: (Bubble Shooter Exclusive) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfaogkfljpdfmodbmbogiiblppijleen [2016-06-30]
CHR Extension: (DISH Anywhere Chrome Video Player) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiogfjcmcooikkpemeppajhnmpeekgf [2016-07-04]
CHR Extension: (Gmail) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-17]
CHR Extension: (Chrome Media Router) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-24]
CHR Extension: (TelevisionFanatic) - C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh [2016-08-26]
CHR Profile: C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\System Profile [2016-06-30]
 
Opera: 
=======
OPR Extension: (Gmail™ Notifier) - C:\Users\Wisdom\AppData\Roaming\Opera Software\Opera Stable\Extensions\flkijckbigolpahbkklilflpmkalfohc [2016-08-18]
OPR Extension: (Black Menu for Google™) - C:\Users\Wisdom\AppData\Roaming\Opera Software\Opera Stable\Extensions\ggkkhaekfgomhipcdafjpbhdeiljlnbh [2016-08-18]
OPR Extension: (myVocabu) - C:\Users\Wisdom\AppData\Roaming\Opera Software\Opera Stable\Extensions\kmnapajhlfmfaallmakcokmfmbblkaka [2016-08-01]
OPR Extension: (Download YouTube Videos as MP4) - C:\Users\Wisdom\AppData\Roaming\Opera Software\Opera Stable\Extensions\maeombkgfpjdnjkhohbjachnnmpbipol [2016-08-18]
OPR Extension: (Stormcrow) - C:\Users\Wisdom\AppData\Roaming\Opera Software\Opera Stable\Extensions\nncgmpcdlilgbepbfpeidpjlcdfhmcfp [2016-08-01]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2980032 2016-09-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-16] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-16] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42792 2016-09-19] (Windows ® Win 7 DDK provider)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-05-18] (SurfRight B.V.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4817040 2016-09-23] (SurfRight B.V.)
R2 MB3Service; C:\Program Files\Malwarebytes\Anti-Ransomware\MBAMService.exe [3141088 2016-03-23] (Malwarebytes)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [750032 2016-07-28] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [937520 2016-08-23] (Webroot)
S2 Everything; "C:\Users\Wisdom\AppData\Local\Temp\Temp1_Everything-1.3.4.686.x86.zip\Everything.exe" -svc [X]
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [74984 2016-07-28] ()
R3 farflt; C:\Windows\system32\drivers\farflt.sys [59776 2016-09-27] (Malwarebytes)
R3 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [259800 2016-09-23] (SurfRight B.V.)
R3 hmpnet; C:\Windows\system32\drivers\hmpnet.sys [92200 2016-09-23] (SurfRight B.V.)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [217328 2016-09-27] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
S3 MRV6X64U; C:\Windows\System32\DRIVERS\MRVW24C.sys [340480 2007-10-28] (Marvell Semiconductor, Inc)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2014-11-17] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2014-11-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2014-11-17] (LG Electronics Inc.)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117728 2016-09-27] (Webroot)
S3 dbx; system32\DRIVERS\dbx.sys [X]
U0 SR; no ImagePath
U2 srservice; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-27 14:48 - 2016-09-27 14:50 - 00037896 _____ C:\Users\Wisdom\Desktop\FRST.txt
2016-09-27 14:43 - 2016-09-27 14:48 - 00000000 ____D C:\FRST
2016-09-27 14:39 - 2016-09-27 14:40 - 02403328 _____ (Farbar) C:\Users\Wisdom\Desktop\FRST64.exe
2016-09-27 12:20 - 2016-09-27 12:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\7F751F09.sys
2016-09-26 15:14 - 2016-09-26 15:14 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Wisdom\Desktop\rkill64.com
2016-09-26 15:01 - 2016-09-26 15:12 - 00204832 _____ C:\TDSSKiller.3.1.0.11_26.09.2016_15.01.08_log.txt
2016-09-26 14:04 - 2016-09-26 14:04 - 00000817 _____ C:\Users\Wisdom\Desktop\SecurityCheck - Shortcut.lnk
2016-09-26 13:49 - 2016-09-26 13:51 - 00000000 ____D C:\Users\Wisdom\Desktop\SecurityCheck
2016-09-26 00:17 - 2016-09-26 14:33 - 00213274 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 9_26.csv
2016-09-25 21:46 - 2016-09-25 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-09-25 21:35 - 2016-09-25 21:35 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-09-25 21:35 - 2016-09-25 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-09-25 21:32 - 2016-09-25 21:32 - 00000000 ____D C:\Program Files\iPod
2016-09-25 21:31 - 2016-09-25 21:35 - 00000000 ____D C:\Program Files\iTunes
2016-09-25 16:04 - 2016-09-25 23:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-25 00:02 - 2016-09-25 23:52 - 00259002 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 9_25.csv
2016-09-25 00:02 - 2016-09-25 21:18 - 01048868 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 9_25@1.csv
2016-09-24 17:51 - 2016-09-24 17:51 - 00003584 _____ C:\Users\Wisdom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-09-24 00:36 - 2016-09-24 23:37 - 00498208 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 9_24.csv
2016-09-23 20:04 - 2016-09-23 20:36 - 03861056 _____ C:\Users\Wisdom\Desktop\adwcleaner_6.020 (1).exe
2016-09-23 19:57 - 2016-09-23 19:59 - 00797760 _____ C:\Users\Wisdom\Desktop\delfix_1.013.exe
2016-09-23 19:46 - 2016-09-23 19:53 - 03861056 _____ C:\Users\Wisdom\Desktop\adwcleaner_6.020.exe
2016-09-23 12:45 - 2016-09-23 12:45 - 02962057 _____ C:\Users\Wisdom\Downloads\Attachments_2016923.zip
2016-09-23 12:44 - 2016-09-23 12:44 - 00000000 ____D C:\Users\Wisdom\Downloads\New folder
2016-09-23 00:01 - 2016-09-23 23:45 - 00784589 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 9_23.csv
2016-09-22 23:23 - 2016-09-22 23:40 - 00046920 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 9_22.csv
2016-09-21 00:18 - 2016-09-21 23:08 - 00521341 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 9_21.csv
2016-09-20 14:13 - 2016-09-20 15:57 - 00000000 ____D C:\Users\Wisdom\Downloads\THEMES 4 COMPUTER
2016-09-20 14:01 - 2016-08-05 11:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-20 14:01 - 2016-08-05 11:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-09-20 02:32 - 2016-09-20 02:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-20 00:08 - 2016-09-20 23:53 - 01048939 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 9_20@1.csv
2016-09-20 00:08 - 2016-09-20 23:53 - 00021927 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 9_20.csv
2016-09-19 21:15 - 2016-09-19 21:15 - 00042792 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\DbxSvc.exe
2016-09-19 21:07 - 2016-09-19 21:07 - 00073840 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-stable.sys
2016-09-19 21:07 - 2016-09-19 21:07 - 00073840 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-dev.sys
2016-09-19 21:07 - 2016-09-19 21:07 - 00073840 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-canary.sys
2016-09-19 18:54 - 2016-09-19 19:04 - 00002747 ____C C:\Users\Wisdom\Desktop\Malwarebytes Anti-Exploit - Shortcut.lnk
2016-09-19 18:49 - 2016-09-19 18:50 - 00000000 ___DC C:\Users\Wisdom\AppData\Local\MigWiz
2016-09-19 01:51 - 2016-09-19 23:57 - 00109799 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 9_19.csv
2016-09-19 01:51 - 2016-09-19 23:17 - 01050557 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 9_19@1.csv
2016-09-16 12:12 - 2016-09-27 12:22 - 00000000 ___RD C:\Users\Wisdom\Dropbox
2016-09-16 12:12 - 2016-09-16 12:12 - 00001226 _____ C:\Users\Wisdom\Desktop\Dropbox.lnk
2016-09-16 11:57 - 2016-09-16 11:57 - 00000000 ____D C:\Users\Wisdom\AppData\Roaming\Dropbox
2016-09-16 11:55 - 2016-09-27 14:01 - 00000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-09-16 11:55 - 2016-09-27 12:18 - 00000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-09-16 11:55 - 2016-09-20 02:55 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-09-16 11:55 - 2016-09-16 12:12 - 00000000 ____D C:\Users\Wisdom\AppData\Local\Dropbox
2016-09-16 11:55 - 2016-09-16 11:55 - 00003904 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-09-16 11:55 - 2016-09-16 11:55 - 00003652 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-09-16 11:55 - 2016-09-16 11:55 - 00000000 ____D C:\ProgramData\Dropbox
2016-09-16 11:53 - 2016-09-16 11:54 - 00000000 ____D C:\Users\Wisdom\Downloads\DropBox
2016-09-16 09:12 - 2016-09-16 09:15 - 00000000 ____D C:\Users\Wisdom\Documents\Hitman Pro log sept 16 2016
2016-09-14 22:14 - 2016-09-01 15:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-09-14 22:14 - 2016-09-01 14:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-09-14 22:14 - 2016-08-31 23:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-09-14 22:14 - 2016-08-31 23:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-14 22:14 - 2016-08-31 22:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-09-14 22:14 - 2016-08-31 22:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-14 22:14 - 2016-08-31 22:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-09-14 22:14 - 2016-08-31 22:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-14 22:14 - 2016-08-31 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-09-14 22:14 - 2016-08-31 21:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-09-14 22:14 - 2016-08-31 21:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-09-14 22:14 - 2016-08-31 21:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-09-14 22:14 - 2016-08-31 21:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-09-14 22:14 - 2016-08-31 21:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-09-14 22:14 - 2016-08-31 21:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-14 22:14 - 2016-08-31 21:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-09-14 22:14 - 2016-08-31 20:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-09-14 22:14 - 2016-08-31 20:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-14 22:14 - 2016-08-31 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-09-14 22:14 - 2016-08-31 20:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-14 22:14 - 2016-08-31 20:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-09-14 22:14 - 2016-08-31 20:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-09-14 22:14 - 2016-08-31 20:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-09-14 22:14 - 2016-08-31 19:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-09-14 22:14 - 2016-08-31 19:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-09-14 22:14 - 2016-08-31 19:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-09-14 22:14 - 2016-08-31 19:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-09-14 22:14 - 2016-08-31 18:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-14 22:13 - 2016-08-31 22:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-09-14 22:13 - 2016-08-31 22:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-09-14 22:13 - 2016-08-31 22:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-09-14 22:13 - 2016-08-31 22:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-09-14 22:13 - 2016-08-31 22:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-14 22:13 - 2016-08-31 22:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-09-14 22:13 - 2016-08-31 22:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-09-14 22:13 - 2016-08-31 22:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-09-14 22:13 - 2016-08-31 21:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-09-14 22:13 - 2016-08-31 21:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-09-14 22:13 - 2016-08-31 21:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-09-14 22:13 - 2016-08-31 21:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-14 22:13 - 2016-08-31 21:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-14 22:13 - 2016-08-31 20:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-14 22:13 - 2016-08-31 20:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-14 22:13 - 2016-08-31 20:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-09-14 22:13 - 2016-08-31 20:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-14 22:13 - 2016-08-31 20:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-14 22:13 - 2016-08-31 20:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-14 22:13 - 2016-08-31 20:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-09-14 22:13 - 2016-08-31 20:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-14 22:13 - 2016-08-31 20:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-14 22:13 - 2016-08-31 20:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-14 22:13 - 2016-08-31 20:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-14 22:13 - 2016-08-31 20:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-09-14 22:13 - 2016-08-31 20:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-14 22:13 - 2016-08-31 20:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-09-14 22:13 - 2016-08-31 19:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-14 22:13 - 2016-08-31 19:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-09-14 22:13 - 2016-08-31 19:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-14 22:13 - 2016-08-31 19:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-14 22:13 - 2016-08-31 19:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-09-14 22:13 - 2016-08-31 19:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-14 22:13 - 2016-08-31 19:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-09-14 22:13 - 2016-08-31 19:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-14 22:13 - 2016-08-31 19:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-14 22:13 - 2016-08-31 19:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-14 22:13 - 2016-08-31 18:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-14 22:12 - 2016-09-02 11:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-14 22:12 - 2016-09-02 11:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-14 22:12 - 2016-09-02 11:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-14 22:12 - 2016-09-02 11:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-09-14 22:12 - 2016-09-02 11:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-14 22:12 - 2016-09-02 11:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-14 22:12 - 2016-09-02 11:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-09-14 22:12 - 2016-09-02 11:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-09-14 22:12 - 2016-09-02 11:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-09-14 22:12 - 2016-09-02 11:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-09-14 22:12 - 2016-09-02 11:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-09-14 22:12 - 2016-09-02 11:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-14 22:12 - 2016-09-02 11:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-09-14 22:12 - 2016-09-02 11:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-09-14 22:12 - 2016-09-02 11:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-09-14 22:12 - 2016-09-02 11:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-09-14 22:12 - 2016-09-02 11:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-09-14 22:12 - 2016-09-02 11:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 11:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-09-14 22:12 - 2016-09-02 11:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-09-14 22:12 - 2016-09-02 11:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-09-14 22:12 - 2016-09-02 11:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-09-14 22:12 - 2016-09-02 10:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-09-14 22:12 - 2016-09-02 10:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-09-14 22:12 - 2016-09-02 10:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-14 22:12 - 2016-09-02 10:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-14 22:12 - 2016-09-02 10:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-14 22:12 - 2016-09-02 10:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-09-14 22:12 - 2016-09-02 10:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-09-14 22:12 - 2016-09-02 10:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-09-14 22:12 - 2016-09-02 10:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-09-14 22:12 - 2016-09-02 10:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-09-14 22:12 - 2016-09-02 10:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-09-14 22:12 - 2016-09-02 10:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-09-14 22:12 - 2016-09-02 10:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-09-14 22:12 - 2016-09-02 10:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 10:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 10:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-14 22:12 - 2016-09-02 10:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-14 22:12 - 2016-08-12 12:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-14 22:12 - 2016-08-12 12:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-14 22:12 - 2016-08-12 12:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-14 22:06 - 2016-08-16 13:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-14 22:06 - 2016-08-15 22:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-14 22:06 - 2016-08-15 22:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-14 22:06 - 2016-08-06 11:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-14 22:06 - 2016-08-06 11:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-11 19:37 - 2016-09-13 01:10 - 00208406 _____ C:\TDSSKiller.3.1.0.11_11.09.2016_19.37.23_log.txt
2016-09-11 13:09 - 2016-09-11 13:11 - 00203652 _____ C:\TDSSKiller.3.1.0.11_11.09.2016_13.09.12_log.txt
2016-09-11 13:04 - 2016-09-11 19:38 - 00032052 _____ C:\Users\Wisdom\Downloads\MTB.txt
2016-09-10 20:08 - 2016-09-10 20:08 - 00002862 _____ C:\Users\Wisdom\Desktop\moodstream.net (standard).lnk
2016-09-10 19:40 - 2016-09-10 19:41 - 00000000 ____D C:\Users\Wisdom\Desktop\GOOGLE DRIVE 15 GB
2016-09-09 23:53 - 2016-09-09 23:57 - 00203634 _____ C:\TDSSKiller.3.1.0.11_09.09.2016_23.53.37_log.txt
2016-09-09 17:24 - 2016-09-09 17:24 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\6A780971.sys
2016-09-08 22:21 - 2016-09-08 22:24 - 00000000 ____D C:\Users\Wisdom\Documents\My SSA STATEMENT
2016-09-07 22:07 - 2016-09-07 22:08 - 00000000 ____D C:\Users\Wisdom\Documents\WINSTON
2016-09-07 02:05 - 2016-09-07 02:05 - 00023557 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 9_ 7.csv
2016-09-06 13:46 - 2016-09-06 13:46 - 00003540 _____ C:\Windows\System32\Tasks\iolo SCU task one
2016-09-06 13:46 - 2016-09-06 13:46 - 00001176 _____ C:\Users\Wisdom\Desktop\System Checkup.lnk
2016-09-06 13:46 - 2016-09-06 13:46 - 00000000 ____D C:\Users\Wisdom\AppData\Roaming\iolo
2016-09-06 13:42 - 2016-09-06 13:42 - 00000000 ____D C:\Users\Wisdom\Downloads\AOL SCUDOWNLOADER
2016-09-06 12:28 - 2016-09-06 12:32 - 00402776 _____ C:\TDSSKiller.3.1.0.11_06.09.2016_12.28.22_log.txt
2016-09-05 17:08 - 2016-09-05 17:12 - 00004382 _____ C:\TDSSKiller.3.1.0.11_05.09.2016_17.08.58_log.txt
2016-09-05 11:15 - 2016-09-05 11:16 - 00000000 ____D C:\Users\Wisdom\Documents\AUCTION com LIST SEPT 2016
2016-09-04 19:19 - 2016-09-04 19:19 - 00262144 _____ C:\Windows\Minidump\090416-21434-01.dmp
2016-09-03 17:36 - 2016-09-03 22:04 - 00000000 ____D C:\Users\Wisdom\Documents\BBT ARM LOANS
2016-09-02 14:05 - 2016-09-02 14:05 - 00168663 _____ C:\Users\Wisdom\Downloads\2F5E.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00056690 _____ C:\Users\Wisdom\Downloads\3CA7.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00016203 _____ C:\Users\Wisdom\Downloads\FEB0.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00015532 _____ C:\Users\Wisdom\Downloads\FCB9.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00013449 _____ C:\Users\Wisdom\Downloads\3EF9.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00010464 _____ C:\Users\Wisdom\Downloads\FC4B.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00010336 _____ C:\Users\Wisdom\Downloads\FDA5.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00010093 _____ C:\Users\Wisdom\Downloads\FE32.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00009732 _____ C:\Users\Wisdom\Downloads\FD27.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00008006 _____ C:\Users\Wisdom\Downloads\3FB6.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00007307 _____ C:\Users\Wisdom\Downloads\24A4.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00007192 _____ C:\Users\Wisdom\Downloads\2DF4.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00007107 _____ C:\Users\Wisdom\Downloads\2BA0.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00006976 _____ C:\Users\Wisdom\Downloads\2C7B.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00006671 _____ C:\Users\Wisdom\Downloads\346.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00006656 _____ C:\Users\Wisdom\Downloads\2EFE.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00006516 _____ C:\Users\Wisdom\Downloads\22ED.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00006449 _____ C:\Users\Wisdom\Downloads\29F8.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00006408 _____ C:\Users\Wisdom\Downloads\141.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00006386 _____ C:\Users\Wisdom\Downloads\284F.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00006338 _____ C:\Users\Wisdom\Downloads\18.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00006288 _____ C:\Users\Wisdom\Downloads\2A66.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00006115 _____ C:\Users\Wisdom\Downloads\2399.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00006092 _____ C:\Users\Wisdom\Downloads\740.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00006077 _____ C:\Users\Wisdom\Downloads\22C.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00005982 _____ C:\Users\Wisdom\Downloads\82B.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00005965 _____ C:\Users\Wisdom\Downloads\28AE.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00005906 _____ C:\Users\Wisdom\Downloads\27A3.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00005739 _____ C:\Users\Wisdom\Downloads\2407.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00005689 _____ C:\Users\Wisdom\Downloads\264B.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00005557 _____ C:\Users\Wisdom\Downloads\295B.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00005326 _____ C:\Users\Wisdom\Downloads\2D66.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00003056 _____ C:\Users\Wisdom\Downloads\55B.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001901 _____ C:\Users\Wisdom\Downloads\3648.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001872 _____ C:\Users\Wisdom\Downloads\3783.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001857 _____ C:\Users\Wisdom\Downloads\3860.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001763 _____ C:\Users\Wisdom\Downloads\39A9.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001725 _____ C:\Users\Wisdom\Downloads\352D.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001715 _____ C:\Users\Wisdom\Downloads\36B6.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001712 _____ C:\Users\Wisdom\Downloads\6D2.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001656 _____ C:\Users\Wisdom\Downloads\3715.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001614 _____ C:\Users\Wisdom\Downloads\37D2.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001525 _____ C:\Users\Wisdom\Downloads\392B.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001199 _____ C:\Users\Wisdom\Downloads\3D72.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001187 _____ C:\Users\Wisdom\Downloads\328C.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001148 _____ C:\Users\Wisdom\Downloads\3038.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001140 _____ C:\Users\Wisdom\Downloads\3377.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001133 _____ C:\Users\Wisdom\Downloads\2F7C.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001132 _____ C:\Users\Wisdom\Downloads\31DF.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001062 _____ C:\Users\Wisdom\Downloads\30F4.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00001057 _____ C:\Users\Wisdom\Downloads\3414.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00000000 _____ C:\Users\Wisdom\Downloads\41EB.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00000000 _____ C:\Users\Wisdom\Downloads\41DB.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00000000 _____ C:\Users\Wisdom\Downloads\41DA.tmp
2016-09-02 12:16 - 2016-09-02 12:16 - 00000000 _____ C:\Users\Wisdom\Downloads\41AA.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00024718 _____ C:\Users\Wisdom\Downloads\5B87.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00023140 _____ C:\Users\Wisdom\Downloads\5D1F.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00022315 _____ C:\Users\Wisdom\Downloads\5C53.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00019052 _____ C:\Users\Wisdom\Downloads\2AB7.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00018470 _____ C:\Users\Wisdom\Downloads\819B.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00018310 _____ C:\Users\Wisdom\Downloads\2872.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00017949 _____ C:\Users\Wisdom\Downloads\F7C5.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00017554 _____ C:\Users\Wisdom\Downloads\846D.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00017339 _____ C:\Users\Wisdom\Downloads\8228.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00016917 _____ C:\Users\Wisdom\Downloads\582A.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00016858 _____ C:\Users\Wisdom\Downloads\17B6.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00016777 _____ C:\Users\Wisdom\Downloads\BF71.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00016765 _____ C:\Users\Wisdom\Downloads\2B63.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00016524 _____ C:\Users\Wisdom\Downloads\8BB3.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00016414 _____ C:\Users\Wisdom\Downloads\131D.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00016235 _____ C:\Users\Wisdom\Downloads\F5F0.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00016214 _____ C:\Users\Wisdom\Downloads\577E.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00015883 _____ C:\Users\Wisdom\Downloads\AF1F.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00015771 _____ C:\Users\Wisdom\Downloads\AEBF.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00015767 _____ C:\Users\Wisdom\Downloads\2ECE.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00015767 _____ C:\Users\Wisdom\Downloads\1FA5.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00015704 _____ C:\Users\Wisdom\Downloads\C896.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00015681 _____ C:\Users\Wisdom\Downloads\2476.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00015630 _____ C:\Users\Wisdom\Downloads\EE8C.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00015599 _____ C:\Users\Wisdom\Downloads\F96C.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00015571 _____ C:\Users\Wisdom\Downloads\C70D.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00015124 _____ C:\Users\Wisdom\Downloads\2523.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00015010 _____ C:\Users\Wisdom\Downloads\1553.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00014940 _____ C:\Users\Wisdom\Downloads\E6F0.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00014918 _____ C:\Users\Wisdom\Downloads\3B2B.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00014882 _____ C:\Users\Wisdom\Downloads\3131.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00014767 _____ C:\Users\Wisdom\Downloads\3C64.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00014763 _____ C:\Users\Wisdom\Downloads\C79A.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00014544 _____ C:\Users\Wisdom\Downloads\ED42.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00014299 _____ C:\Users\Wisdom\Downloads\16CB.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00014214 _____ C:\Users\Wisdom\Downloads\15F0.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00014205 _____ C:\Users\Wisdom\Downloads\3609.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00014167 _____ C:\Users\Wisdom\Downloads\B0C6.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00013706 _____ C:\Users\Wisdom\Downloads\11F3.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00013704 _____ C:\Users\Wisdom\Downloads\25A1.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00013629 _____ C:\Users\Wisdom\Downloads\E2C5.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00013601 _____ C:\Users\Wisdom\Downloads\E7FC.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00013475 _____ C:\Users\Wisdom\Downloads\5AAC.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00013381 _____ C:\Users\Wisdom\Downloads\1E0E.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00013328 _____ C:\Users\Wisdom\Downloads\8827.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012994 _____ C:\Users\Wisdom\Downloads\EFA7.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012957 _____ C:\Users\Wisdom\Downloads\8051.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012929 _____ C:\Users\Wisdom\Downloads\E4EA.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012879 _____ C:\Users\Wisdom\Downloads\89ED.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012873 _____ C:\Users\Wisdom\Downloads\ECB5.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012821 _____ C:\Users\Wisdom\Downloads\F034.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012792 _____ C:\Users\Wisdom\Downloads\C837.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012648 _____ C:\Users\Wisdom\Downloads\9CB6.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012623 _____ C:\Users\Wisdom\Downloads\E0CE.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012495 _____ C:\Users\Wisdom\Downloads\ABCF.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012469 _____ C:\Users\Wisdom\Downloads\9B2F.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012446 _____ C:\Users\Wisdom\Downloads\9EAA.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012443 _____ C:\Users\Wisdom\Downloads\EF29.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012440 _____ C:\Users\Wisdom\Downloads\774A.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012422 _____ C:\Users\Wisdom\Downloads\C3DB.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012311 _____ C:\Users\Wisdom\Downloads\BF02.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012280 _____ C:\Users\Wisdom\Downloads\14D5.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00012060 _____ C:\Users\Wisdom\Downloads\F209.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011986 _____ C:\Users\Wisdom\Downloads\AE32.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011915 _____ C:\Users\Wisdom\Downloads\5E68.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011889 _____ C:\Users\Wisdom\Downloads\32B9.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011871 _____ C:\Users\Wisdom\Downloads\61D5.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011844 _____ C:\Users\Wisdom\Downloads\5DDB.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011708 _____ C:\Users\Wisdom\Downloads\42EE.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011695 _____ C:\Users\Wisdom\Downloads\5F05.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011674 _____ C:\Users\Wisdom\Downloads\2FE8.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011619 _____ C:\Users\Wisdom\Downloads\E218.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011566 _____ C:\Users\Wisdom\Downloads\EDD0.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011563 _____ C:\Users\Wisdom\Downloads\BD59.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011563 _____ C:\Users\Wisdom\Downloads\321C.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011493 _____ C:\Users\Wisdom\Downloads\56C1.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011444 _____ C:\Users\Wisdom\Downloads\3085.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011348 _____ C:\Users\Wisdom\Downloads\FB7F.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011271 _____ C:\Users\Wisdom\Downloads\8921.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011174 _____ C:\Users\Wisdom\Downloads\463A.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011109 _____ C:\Users\Wisdom\Downloads\83C1.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011099 _____ C:\Users\Wisdom\Downloads\EB9A.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011074 _____ C:\Users\Wisdom\Downloads\AFDB.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011017 _____ C:\Users\Wisdom\Downloads\293E.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011015 _____ C:\Users\Wisdom\Downloads\BCEB.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00011004 _____ C:\Users\Wisdom\Downloads\EC18.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00010917 _____ C:\Users\Wisdom\Downloads\3356.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00010719 _____ C:\Users\Wisdom\Downloads\D435.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00010666 _____ C:\Users\Wisdom\Downloads\BEA3.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00010265 _____ C:\Users\Wisdom\Downloads\524D.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00010222 _____ C:\Users\Wisdom\Downloads\5FB2.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00010155 _____ C:\Users\Wisdom\Downloads\C03D.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00010087 _____ C:\Users\Wisdom\Downloads\13E9.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00010058 _____ C:\Users\Wisdom\Downloads\4C81.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009863 _____ C:\Users\Wisdom\Downloads\B6C7.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009844 _____ C:\Users\Wisdom\Downloads\E8D8.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009743 _____ C:\Users\Wisdom\Downloads\33E4.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009742 _____ C:\Users\Wisdom\Downloads\9F18.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009627 _____ C:\Users\Wisdom\Downloads\29DB.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009596 _____ C:\Users\Wisdom\Downloads\34AF.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009412 _____ C:\Users\Wisdom\Downloads\58C7.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009370 _____ C:\Users\Wisdom\Downloads\E74F.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009246 _____ C:\Users\Wisdom\Downloads\B90C.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009244 _____ C:\Users\Wisdom\Downloads\A779.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009232 _____ C:\Users\Wisdom\Downloads\A092.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009193 _____ C:\Users\Wisdom\Downloads\B9D9.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009139 _____ C:\Users\Wisdom\Downloads\BAA5.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009128 _____ C:\Users\Wisdom\Downloads\EA23.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009063 _____ C:\Users\Wisdom\Downloads\E879.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009034 _____ C:\Users\Wisdom\Downloads\BC0E.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00009010 _____ C:\Users\Wisdom\Downloads\BC5D.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008970 _____ C:\Users\Wisdom\Downloads\B793.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008932 _____ C:\Users\Wisdom\Downloads\B369.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008894 _____ C:\Users\Wisdom\Downloads\80EE.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008879 _____ C:\Users\Wisdom\Downloads\B5BC.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008879 _____ C:\Users\Wisdom\Downloads\A5E2.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008857 _____ C:\Users\Wisdom\Downloads\D82D.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008806 _____ C:\Users\Wisdom\Downloads\3751.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008768 _____ C:\Users\Wisdom\Downloads\AA67.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008746 _____ C:\Users\Wisdom\Downloads\82A6.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008677 _____ C:\Users\Wisdom\Downloads\B96A.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008542 _____ C:\Users\Wisdom\Downloads\BB23.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008534 _____ C:\Users\Wisdom\Downloads\8324.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008498 _____ C:\Users\Wisdom\Downloads\C0AB.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008488 _____ C:\Users\Wisdom\Downloads\D658.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008423 _____ C:\Users\Wisdom\Downloads\E17B.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008358 _____ C:\Users\Wisdom\Downloads\A352.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008344 _____ C:\Users\Wisdom\Downloads\ADA4.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008319 _____ C:\Users\Wisdom\Downloads\A93E.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008316 _____ C:\Users\Wisdom\Downloads\E9B4.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008281 _____ C:\Users\Wisdom\Downloads\BA37.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008255 _____ C:\Users\Wisdom\Downloads\B87E.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008232 _____ C:\Users\Wisdom\Downloads\C913.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008171 _____ C:\Users\Wisdom\Downloads\B50F.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008158 _____ C:\Users\Wisdom\Downloads\C68F.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008129 _____ C:\Users\Wisdom\Downloads\E390.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008092 _____ C:\Users\Wisdom\Downloads\A209.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008040 _____ C:\Users\Wisdom\Downloads\CE18.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008028 _____ C:\Users\Wisdom\Downloads\BDB7.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00008026 _____ C:\Users\Wisdom\Downloads\D956.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007978 _____ C:\Users\Wisdom\Downloads\D0C9.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007958 _____ C:\Users\Wisdom\Downloads\129F.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007923 _____ C:\Users\Wisdom\Downloads\A004.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007846 _____ C:\Users\Wisdom\Downloads\5588.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007834 _____ C:\Users\Wisdom\Downloads\E42D.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007821 _____ C:\Users\Wisdom\Downloads\DA60.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007816 _____ C:\Users\Wisdom\Downloads\388A.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007727 _____ C:\Users\Wisdom\Downloads\CF04.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007721 _____ C:\Users\Wisdom\Downloads\E692.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007719 _____ C:\Users\Wisdom\Downloads\B29D.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007713 _____ C:\Users\Wisdom\Downloads\3DDB.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007697 _____ C:\Users\Wisdom\Downloads\C488.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007633 _____ C:\Users\Wisdom\Downloads\CE86.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007623 _____ C:\Users\Wisdom\Downloads\D34A.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007612 _____ C:\Users\Wisdom\Downloads\9F96.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007590 _____ C:\Users\Wisdom\Downloads\2719.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007578 _____ C:\Users\Wisdom\Downloads\354C.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007568 _____ C:\Users\Wisdom\Downloads\C4F6.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007501 _____ C:\Users\Wisdom\Downloads\C584.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007469 _____ C:\Users\Wisdom\Downloads\CA8D.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007445 _____ C:\Users\Wisdom\Downloads\C2F0.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007365 _____ C:\Users\Wisdom\Downloads\18A1.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007340 _____ C:\Users\Wisdom\Downloads\E060.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007289 _____ C:\Users\Wisdom\Downloads\B200.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007261 _____ C:\Users\Wisdom\Downloads\27B6.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007176 _____ C:\Users\Wisdom\Downloads\BE35.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007169 _____ C:\Users\Wisdom\Downloads\264D.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007168 _____ C:\Users\Wisdom\Downloads\B735.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007165 _____ C:\Users\Wisdom\Downloads\B182.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007145 _____ C:\Users\Wisdom\Downloads\BFDE.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00007016 _____ C:\Users\Wisdom\Downloads\E604.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00006938 _____ C:\Users\Wisdom\Downloads\C601.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00006701 _____ C:\Users\Wisdom\Downloads\C991.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00006637 _____ C:\Users\Wisdom\Downloads\E587.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00006444 _____ C:\Users\Wisdom\Downloads\DF06.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00006438 _____ C:\Users\Wisdom\Downloads\1476.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00006393 _____ C:\Users\Wisdom\Downloads\C139.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00006306 _____ C:\Users\Wisdom\Downloads\E946.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00006171 _____ C:\Users\Wisdom\Downloads\C263.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00006116 _____ C:\Users\Wisdom\Downloads\DFE2.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00006053 _____ C:\Users\Wisdom\Downloads\DF74.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00005985 _____ C:\Users\Wisdom\Downloads\3946.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00005848 _____ C:\Users\Wisdom\Downloads\DD21.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00005532 _____ C:\Users\Wisdom\Downloads\CA00.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00005469 _____ C:\Users\Wisdom\Downloads\CCCF.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00005450 _____ C:\Users\Wisdom\Downloads\DB5B.tmp
2016-09-02 12:15 - 2016-09-02 12:15 - 00005001 _____ C:\Users\Wisdom\Downloads\C1B6.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00804484 _____ C:\Users\Wisdom\Downloads\ADF9.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00440289 _____ C:\Users\Wisdom\Downloads\97C5.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00400761 _____ C:\Users\Wisdom\Downloads\8CC9.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00340075 _____ C:\Users\Wisdom\Downloads\D5E1.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00309659 _____ C:\Users\Wisdom\Downloads\3F8D.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00263471 _____ C:\Users\Wisdom\Downloads\D778.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00238826 _____ C:\Users\Wisdom\Downloads\3507.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00224465 _____ C:\Users\Wisdom\Downloads\2B5B.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00130906 _____ C:\Users\Wisdom\Downloads\CA75.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00129371 _____ C:\Users\Wisdom\Downloads\FA52.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00127175 _____ C:\Users\Wisdom\Downloads\672E.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00124579 _____ C:\Users\Wisdom\Downloads\6597.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00122973 _____ C:\Users\Wisdom\Downloads\9AE3.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00114531 _____ C:\Users\Wisdom\Downloads\93BD.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00109300 _____ C:\Users\Wisdom\Downloads\3206.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00108610 _____ C:\Users\Wisdom\Downloads\9024.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00106677 _____ C:\Users\Wisdom\Downloads\782B.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00100414 _____ C:\Users\Wisdom\Downloads\7617.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00097753 _____ C:\Users\Wisdom\Downloads\2974.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00096277 _____ C:\Users\Wisdom\Downloads\33DC.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00087704 _____ C:\Users\Wisdom\Downloads\F793.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00087205 _____ C:\Users\Wisdom\Downloads\52B8.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00086036 _____ C:\Users\Wisdom\Downloads\9C1C.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00076605 _____ C:\Users\Wisdom\Downloads\DFDE.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00072743 _____ C:\Users\Wisdom\Downloads\5875.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00072022 _____ C:\Users\Wisdom\Downloads\ED6F.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00070608 _____ C:\Users\Wisdom\Downloads\A604.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00064097 _____ C:\Users\Wisdom\Downloads\7086.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00061825 _____ C:\Users\Wisdom\Downloads\CF95.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00060648 _____ C:\Users\Wisdom\Downloads\84C8.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00060193 _____ C:\Users\Wisdom\Downloads\A539.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00060103 _____ C:\Users\Wisdom\Downloads\DAE6.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00058474 _____ C:\Users\Wisdom\Downloads\99D9.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00057114 _____ C:\Users\Wisdom\Downloads\6F0F.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00056307 _____ C:\Users\Wisdom\Downloads\36FD.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00056146 _____ C:\Users\Wisdom\Downloads\A59.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00050537 _____ C:\Users\Wisdom\Downloads\752C.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00046726 _____ C:\Users\Wisdom\Downloads\51FC.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00046461 _____ C:\Users\Wisdom\Downloads\3A0D.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00046141 _____ C:\Users\Wisdom\Downloads\810B.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00045705 _____ C:\Users\Wisdom\Downloads\37AA.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00044196 _____ C:\Users\Wisdom\Downloads\6A0E.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00042665 _____ C:\Users\Wisdom\Downloads\9E22.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00041925 _____ C:\Users\Wisdom\Downloads\3AC9.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00041159 _____ C:\Users\Wisdom\Downloads\2CE2.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00040392 _____ C:\Users\Wisdom\Downloads\A6D0.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00038421 _____ C:\Users\Wisdom\Downloads\2ABE.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00037716 _____ C:\Users\Wisdom\Downloads\CCB7.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00037289 _____ C:\Users\Wisdom\Downloads\C5DD.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00035356 _____ C:\Users\Wisdom\Downloads\5130.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00034796 _____ C:\Users\Wisdom\Downloads\DB73.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00034619 _____ C:\Users\Wisdom\Downloads\8011.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00034432 _____ C:\Users\Wisdom\Downloads\868D.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00033604 _____ C:\Users\Wisdom\Downloads\3E25.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00032838 _____ C:\Users\Wisdom\Downloads\8BDE.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00031556 _____ C:\Users\Wisdom\Downloads\3837.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00030718 _____ C:\Users\Wisdom\Downloads\A839.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00030258 _____ C:\Users\Wisdom\Downloads\2DCD.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00029965 _____ C:\Users\Wisdom\Downloads\C36A.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00027448 _____ C:\Users\Wisdom\Downloads\5D96.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00027352 _____ C:\Users\Wisdom\Downloads\ACB1.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00027274 _____ C:\Users\Wisdom\Downloads\6C31.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00026963 _____ C:\Users\Wisdom\Downloads\F531.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00026399 _____ C:\Users\Wisdom\Downloads\98B0.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00025764 _____ C:\Users\Wisdom\Downloads\D93D.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00025512 _____ C:\Users\Wisdom\Downloads\C736.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00025156 _____ C:\Users\Wisdom\Downloads\5F9B.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00023047 _____ C:\Users\Wisdom\Downloads\7AFC.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00022967 _____ C:\Users\Wisdom\Downloads\7731.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00022164 _____ C:\Users\Wisdom\Downloads\91F.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00021463 _____ C:\Users\Wisdom\Downloads\B164.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00021400 _____ C:\Users\Wisdom\Downloads\9F0D.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00019891 _____ C:\Users\Wisdom\Downloads\368F.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00019680 _____ C:\Users\Wisdom\Downloads\55B6.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00019273 _____ C:\Users\Wisdom\Downloads\DD5A.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00018751 _____ C:\Users\Wisdom\Downloads\A101.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00017979 _____ C:\Users\Wisdom\Downloads\C68A.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00017744 _____ C:\Users\Wisdom\Downloads\C530.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00017547 _____ C:\Users\Wisdom\Downloads\B5FA.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00017490 _____ C:\Users\Wisdom\Downloads\B483.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00016604 _____ C:\Users\Wisdom\Downloads\EAEF.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00016358 _____ C:\Users\Wisdom\Downloads\9D75.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00016303 _____ C:\Users\Wisdom\Downloads\D311.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00015803 _____ C:\Users\Wisdom\Downloads\96BA.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00015155 _____ C:\Users\Wisdom\Downloads\E1E3.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00014259 _____ C:\Users\Wisdom\Downloads\314A.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00013968 _____ C:\Users\Wisdom\Downloads\E29F.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00013898 _____ C:\Users\Wisdom\Downloads\49FE.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00013650 _____ C:\Users\Wisdom\Downloads\E3E9.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00013538 _____ C:\Users\Wisdom\Downloads\5B93.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00013015 _____ C:\Users\Wisdom\Downloads\F42.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00012936 _____ C:\Users\Wisdom\Downloads\7E89.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00012546 _____ C:\Users\Wisdom\Downloads\38E4.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00012523 _____ C:\Users\Wisdom\Downloads\7F16.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00012142 _____ C:\Users\Wisdom\Downloads\FD01.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00012049 _____ C:\Users\Wisdom\Downloads\DE36.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00012041 _____ C:\Users\Wisdom\Downloads\63F1.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00011991 _____ C:\Users\Wisdom\Downloads\46D0.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00011897 _____ C:\Users\Wisdom\Downloads\2906.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00011585 _____ C:\Users\Wisdom\Downloads\10F8.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00010818 _____ C:\Users\Wisdom\Downloads\3621.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00010756 _____ C:\Users\Wisdom\Downloads\DF32.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00010515 _____ C:\Users\Wisdom\Downloads\A354.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00010423 _____ C:\Users\Wisdom\Downloads\D469.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00010372 _____ C:\Users\Wisdom\Downloads\7D8E.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00008861 _____ C:\Users\Wisdom\Downloads\DA58.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00008702 _____ C:\Users\Wisdom\Downloads\DEC3.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00008605 _____ C:\Users\Wisdom\Downloads\F6B8.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00008089 _____ C:\Users\Wisdom\Downloads\7907.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00007913 _____ C:\Users\Wisdom\Downloads\FF16.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00007688 _____ C:\Users\Wisdom\Downloads\6096.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00007499 _____ C:\Users\Wisdom\Downloads\A79C.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00007467 _____ C:\Users\Wisdom\Downloads\3330.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00007462 _____ C:\Users\Wisdom\Downloads\B74.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00006739 _____ C:\Users\Wisdom\Downloads\BCC0.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00006406 _____ C:\Users\Wisdom\Downloads\A8F5.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00006339 _____ C:\Users\Wisdom\Downloads\725B.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00006144 _____ C:\Users\Wisdom\Downloads\564.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00005873 _____ C:\Users\Wisdom\Downloads\8189.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00005621 _____ C:\Users\Wisdom\Downloads\2FA3.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00005612 _____ C:\Users\Wisdom\Downloads\13A.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00005225 _____ C:\Users\Wisdom\Downloads\5093.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00005082 _____ C:\Users\Wisdom\Downloads\9DB.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00004899 _____ C:\Users\Wisdom\Downloads\DC5E.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00004826 _____ C:\Users\Wisdom\Downloads\2879.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00004679 _____ C:\Users\Wisdom\Downloads\73A5.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00004479 _____ C:\Users\Wisdom\Downloads\E68A.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00004242 _____ C:\Users\Wisdom\Downloads\3040.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00004092 _____ C:\Users\Wisdom\Downloads\E67.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00004034 _____ C:\Users\Wisdom\Downloads\89AB.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00003938 _____ C:\Users\Wisdom\Downloads\27DC.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00003745 _____ C:\Users\Wisdom\Downloads\E156.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00003590 _____ C:\Users\Wisdom\Downloads\EF92.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00003497 _____ C:\Users\Wisdom\Downloads\E88D.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00003462 _____ C:\Users\Wisdom\Downloads\F242.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00003414 _____ C:\Users\Wisdom\Downloads\59BD.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00003397 _____ C:\Users\Wisdom\Downloads\8245.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00002963 _____ C:\Users\Wisdom\Downloads\5E91.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00002956 _____ C:\Users\Wisdom\Downloads\8834.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00002691 _____ C:\Users\Wisdom\Downloads\8302.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00002609 _____ C:\Users\Wisdom\Downloads\3CCD.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00002460 _____ C:\Users\Wisdom\Downloads\D544.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00002363 _____ C:\Users\Wisdom\Downloads\83AE.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00002307 _____ C:\Users\Wisdom\Downloads\C96A.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001982 _____ C:\Users\Wisdom\Downloads\C2EC.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001905 _____ C:\Users\Wisdom\Downloads\2E99.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001900 _____ C:\Users\Wisdom\Downloads\892.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001882 _____ C:\Users\Wisdom\Downloads\D9DA.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001745 _____ C:\Users\Wisdom\Downloads\C831.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001679 _____ C:\Users\Wisdom\Downloads\C474.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001556 _____ C:\Users\Wisdom\Downloads\E503.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001450 _____ C:\Users\Wisdom\Downloads\C11.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001414 _____ C:\Users\Wisdom\Downloads\AF6.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001302 _____ C:\Users\Wisdom\Downloads\B388.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001126 _____ C:\Users\Wisdom\Downloads\DD9.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001119 _____ C:\Users\Wisdom\Downloads\CCE.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001050 _____ C:\Users\Wisdom\Downloads\D5C.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001040 _____ C:\Users\Wisdom\Downloads\B7B0.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00001014 _____ C:\Users\Wisdom\Downloads\BF70.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000981 _____ C:\Users\Wisdom\Downloads\63F.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000976 _____ C:\Users\Wisdom\Downloads\C70.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000963 _____ C:\Users\Wisdom\Downloads\6868.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000895 _____ C:\Users\Wisdom\Downloads\AC14.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000747 _____ C:\Users\Wisdom\Downloads\FE2B.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000747 _____ C:\Users\Wisdom\Downloads\7CD2.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000676 _____ C:\Users\Wisdom\Downloads\34A8.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000659 _____ C:\Users\Wisdom\Downloads\7BF7.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000635 _____ C:\Users\Wisdom\Downloads\9CF8.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000617 _____ C:\Users\Wisdom\Downloads\B2DB.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000604 _____ C:\Users\Wisdom\Downloads\E32D.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000575 _____ C:\Users\Wisdom\Downloads\AB86.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000526 _____ C:\Users\Wisdom\Downloads\4F.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000522 _____ C:\Users\Wisdom\Downloads\69E.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000441 _____ C:\Users\Wisdom\Downloads\BEA4.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000440 _____ C:\Users\Wisdom\Downloads\C24F.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000436 _____ C:\Users\Wisdom\Downloads\DDC8.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000421 _____ C:\Users\Wisdom\Downloads\2684.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000376 _____ C:\Users\Wisdom\Downloads\467.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000302 _____ C:\Users\Wisdom\Downloads\7994.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000297 _____ C:\Users\Wisdom\Downloads\C05B.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000283 _____ C:\Users\Wisdom\Downloads\AAF9.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000277 _____ C:\Users\Wisdom\Downloads\2A40.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000226 _____ C:\Users\Wisdom\Downloads\DCDC.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000191 _____ C:\Users\Wisdom\Downloads\4E5.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000183 _____ C:\Users\Wisdom\Downloads\273.tmp
2016-09-02 12:14 - 2016-09-02 12:14 - 00000095 _____ C:\Users\Wisdom\Downloads\F474.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00722093 _____ C:\Users\Wisdom\Downloads\1E9F.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00578514 _____ C:\Users\Wisdom\Downloads\218F.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00497667 _____ C:\Users\Wisdom\Downloads\8D5.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00353478 _____ C:\Users\Wisdom\Downloads\8F9E.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00216259 _____ C:\Users\Wisdom\Downloads\92EC.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00177917 _____ C:\Users\Wisdom\Downloads\8E07.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00167720 _____ C:\Users\Wisdom\Downloads\AC60.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00144743 _____ C:\Users\Wisdom\Downloads\C4F2.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00124682 _____ C:\Users\Wisdom\Downloads\9154.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00120101 _____ C:\Users\Wisdom\Downloads\88D1.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00119135 _____ C:\Users\Wisdom\Downloads\9501.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00119082 _____ C:\Users\Wisdom\Downloads\F543.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00117940 _____ C:\Users\Wisdom\Downloads\924F.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00116016 _____ C:\Users\Wisdom\Downloads\8D5A.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00115039 _____ C:\Users\Wisdom\Downloads\8B95.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00112527 _____ C:\Users\Wisdom\Downloads\C127.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00107239 _____ C:\Users\Wisdom\Downloads\93D7.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00101132 _____ C:\Users\Wisdom\Downloads\863D.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00097629 _____ C:\Users\Wisdom\Downloads\A077.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00094955 _____ C:\Users\Wisdom\Downloads\20E2.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00081291 _____ C:\Users\Wisdom\Downloads\84B6.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00072153 _____ C:\Users\Wisdom\Downloads\C86F.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00071035 _____ C:\Users\Wisdom\Downloads\EC6C.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00070978 _____ C:\Users\Wisdom\Downloads\C32C.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00065539 _____ C:\Users\Wisdom\Downloads\C3D8.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00060569 _____ C:\Users\Wisdom\Downloads\8AA9.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00050972 _____ C:\Users\Wisdom\Downloads\B3F1.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00044774 _____ C:\Users\Wisdom\Downloads\C231.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00043657 _____ C:\Users\Wisdom\Downloads\E24B.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00040205 _____ C:\Users\Wisdom\Downloads\1D17.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00040035 _____ C:\Users\Wisdom\Downloads\B673.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00039729 _____ C:\Users\Wisdom\Downloads\C02C.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00039711 _____ C:\Users\Wisdom\Downloads\A44F.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00038068 _____ C:\Users\Wisdom\Downloads\86DA.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00037489 _____ C:\Users\Wisdom\Downloads\8B17.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00037474 _____ C:\Users\Wisdom\Downloads\19CB.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00035344 _____ C:\Users\Wisdom\Downloads\B1BF.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00035007 _____ C:\Users\Wisdom\Downloads\89BD.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00033952 _____ C:\Users\Wisdom\Downloads\BA5B.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00033737 _____ C:\Users\Wisdom\Downloads\A9AE.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00032504 _____ C:\Users\Wisdom\Downloads\2579.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00030047 _____ C:\Users\Wisdom\Downloads\AB94.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00029994 _____ C:\Users\Wisdom\Downloads\AAE7.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00029703 _____ C:\Users\Wisdom\Downloads\1517.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00028780 _____ C:\Users\Wisdom\Downloads\C60C.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00028415 _____ C:\Users\Wisdom\Downloads\22B8.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00027789 _____ C:\Users\Wisdom\Downloads\C754.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00026889 _____ C:\Users\Wisdom\Downloads\2045.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00019857 _____ C:\Users\Wisdom\Downloads\BDBA.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00018543 _____ C:\Users\Wisdom\Downloads\BC91.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00018096 _____ C:\Users\Wisdom\Downloads\895E.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00016874 _____ C:\Users\Wisdom\Downloads\A614.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00014314 _____ C:\Users\Wisdom\Downloads\1E12.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00013912 _____ C:\Users\Wisdom\Downloads\BBF3.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00013379 _____ C:\Users\Wisdom\Downloads\CAB2.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00011199 _____ C:\Users\Wisdom\Downloads\1B13.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00010898 _____ C:\Users\Wisdom\Downloads\B9BE.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00010872 _____ C:\Users\Wisdom\Downloads\8823.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00010133 _____ C:\Users\Wisdom\Downloads\BF9F.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00007277 _____ C:\Users\Wisdom\Downloads\AF3E.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00005772 _____ C:\Users\Wisdom\Downloads\E633.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00005587 _____ C:\Users\Wisdom\Downloads\C8FD.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00004992 _____ C:\Users\Wisdom\Downloads\24EC.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00004741 _____ C:\Users\Wisdom\Downloads\A71E.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00003710 _____ C:\Users\Wisdom\Downloads\8A3A.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00002978 _____ C:\Users\Wisdom\Downloads\1844.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00001954 _____ C:\Users\Wisdom\Downloads\9483.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00001781 _____ C:\Users\Wisdom\Downloads\2384.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00000507 _____ C:\Users\Wisdom\Downloads\D703.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00000140 _____ C:\Users\Wisdom\Downloads\C7E2.tmp
2016-09-02 12:13 - 2016-09-02 12:13 - 00000074 _____ C:\Users\Wisdom\Downloads\8872.tmp
2016-08-31 03:15 - 2016-08-31 13:42 - 00047670 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 8_31.csv
2016-08-30 10:14 - 2016-08-30 10:14 - 00023582 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 8_30.csv
2016-08-29 22:48 - 2016-08-29 22:48 - 00021536 _____ C:\Users\Wisdom\Documents\WISDOM-PC_Wisdom_2016_ 8_29.csv
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-27 14:45 - 2015-08-18 01:59 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-27 13:52 - 2015-08-17 14:30 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-27 12:29 - 2009-07-14 00:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-27 12:29 - 2009-07-14 00:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-27 12:21 - 2016-08-05 20:04 - 00000000 ___RD C:\Users\Wisdom\Verizon Cloud Sync
2016-09-27 12:20 - 2016-02-24 19:31 - 00059776 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2016-09-27 12:20 - 2015-08-15 21:58 - 00217328 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-27 12:18 - 2015-08-17 14:30 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-27 12:18 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-27 12:17 - 2015-12-24 18:01 - 00117728 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2016-09-27 12:15 - 2016-08-24 00:13 - 00831264 _____ C:\Windows\ntbtlog.txt
2016-09-27 12:05 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-09-27 10:58 - 2016-06-17 14:03 - 00000000 ____D C:\ProgramData\HitmanPro.Alert
2016-09-26 21:05 - 2015-12-24 14:36 - 00000000 ____D C:\ProgramData\WRData
2016-09-26 18:06 - 2015-08-17 13:59 - 00000000 ____D C:\Users\Wisdom\AppData\Local\Deployment
2016-09-26 15:22 - 2016-08-09 18:51 - 00002050 _____ C:\Users\Wisdom\Desktop\Rkill.txt
2016-09-25 23:26 - 2015-08-22 22:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-25 21:32 - 2016-05-09 14:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-09-25 15:53 - 2016-07-18 01:45 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1468820690
2016-09-25 15:53 - 2016-07-18 01:43 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-25 15:30 - 2015-09-07 19:22 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{41FF72F3-785B-4312-BD82-E5136DA1DE9D}
2016-09-24 19:59 - 2016-05-11 11:41 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-09-24 19:14 - 2015-11-12 17:19 - 00000000 ____D C:\Users\Wisdom\Documents\Outlook Files
2016-09-24 00:22 - 2016-06-17 14:02 - 00000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2016-09-24 00:12 - 2016-05-18 21:36 - 00000000 ____D C:\AdwCleaner
2016-09-23 19:41 - 2016-06-17 14:02 - 00866960 _____ (SurfRight B.V.) C:\Windows\system32\hmpalert.dll
2016-09-23 19:41 - 2016-06-17 14:02 - 00791696 _____ (SurfRight B.V.) C:\Windows\SysWOW64\hmpalert.dll
2016-09-23 19:41 - 2016-06-17 14:02 - 00259800 _____ (SurfRight B.V.) C:\Windows\system32\Drivers\hmpalert.sys
2016-09-23 19:41 - 2016-06-17 14:02 - 00092200 _____ (SurfRight B.V.) C:\Windows\system32\Drivers\hmpnet.sys
2016-09-21 20:54 - 2015-10-31 00:31 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-21 20:47 - 2015-10-31 00:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-21 12:55 - 2015-09-03 11:19 - 00000000 ____D C:\Users\Wisdom\AppData\Roaming\.purple
2016-09-20 13:11 - 2015-08-21 08:15 - 00000000 ____D C:\Users\Wisdom\AppData\Roaming\Skype
2016-09-19 20:10 - 2015-08-21 08:14 - 00000000 ____D C:\ProgramData\Skype
2016-09-19 20:09 - 2015-12-24 00:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-19 19:07 - 2016-03-08 12:26 - 00000000 ____D C:\Users\DefaultAppPool
2016-09-19 17:48 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-09-19 17:32 - 2015-08-17 12:50 - 00000000 ____D C:\Users\Wisdom\AppData\Local\ElevatedDiagnostics
2016-09-19 17:05 - 2015-08-18 07:56 - 00001739 _____ C:\WirelessDiagLog.csv
2016-09-19 15:48 - 2009-07-14 01:13 - 00006390 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-17 19:55 - 2016-07-14 14:45 - 00000000 ____D C:\Users\Wisdom\Documents\GA COMPASS - Common Point of Access to Social Services MDCD APProval_files
2016-09-16 12:12 - 2015-08-15 07:20 - 00000000 ____D C:\Users\Wisdom
2016-09-16 04:03 - 2015-08-15 16:31 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-15 11:43 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-09-15 06:42 - 2015-08-17 14:34 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-15 06:42 - 2015-08-17 14:34 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-15 05:46 - 2009-07-14 00:45 - 00424424 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-15 05:45 - 2015-08-18 01:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-15 05:45 - 2015-08-18 01:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-15 04:21 - 2015-08-18 01:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-15 04:10 - 2015-08-15 07:29 - 00000000 ____D C:\Windows\system32\MRT
2016-09-15 03:09 - 2015-08-15 07:29 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-13 21:47 - 2016-05-11 11:41 - 00003890 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-09-13 21:47 - 2015-08-18 01:59 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-13 21:47 - 2015-08-15 16:34 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-13 21:47 - 2015-08-15 16:34 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-13 21:47 - 2015-08-15 16:33 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-13 21:46 - 2015-08-15 16:34 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-10 19:20 - 2015-09-07 15:20 - 00000000 ____D C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-09-06 13:46 - 2016-08-08 15:19 - 00000000 ____D C:\ProgramData\iolo
2016-09-04 19:19 - 2016-07-27 10:24 - 361127914 _____ C:\Windows\MEMORY.DMP
2016-09-04 19:19 - 2015-08-23 09:14 - 00000000 ____D C:\Windows\Minidump
2016-08-29 22:55 - 2015-12-24 18:01 - 00185272 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2016-08-29 22:55 - 2015-12-24 18:01 - 00119920 _____ (Webroot) C:\Windows\system32\WRusr.dll
 
==================== Files in the root of some directories =======
 
2016-03-28 17:46 - 2016-03-28 17:46 - 6871040 _____ () C:\Program Files (x86)\GUT41CD.tmp
2015-12-10 20:05 - 2015-12-20 01:05 - 0000140 _____ () C:\Users\Wisdom\AppData\Roaming\WB.CFG
2016-09-24 17:51 - 2016-09-24 17:51 - 0003584 _____ () C:\Users\Wisdom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-07 13:34 - 2015-10-07 13:34 - 0000017 _____ () C:\Users\Wisdom\AppData\Local\resmon.resmoncfg
2015-12-20 16:51 - 2015-12-20 16:51 - 0000000 _____ () C:\Users\Wisdom\AppData\Local\{38DCCC50-160F-4350-9142-781747605D84}
2015-08-23 09:02 - 2015-08-23 09:02 - 0000000 _____ () C:\Users\Wisdom\AppData\Local\{546581A7-286B-4E10-9205-F965B313807F}
2015-11-07 10:48 - 2015-11-07 10:52 - 0000000 _____ () C:\Users\Wisdom\AppData\Local\{6CD2087C-44C1-4EC8-8B40-42ADCA9DD155}
2016-07-12 14:20 - 2016-08-25 21:07 - 0001115 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
 
Some files in TEMP:
====================
C:\Users\Wisdom\AppData\Local\Temp\libeay32.dll
C:\Users\Wisdom\AppData\Local\Temp\msvcr120.dll
C:\Users\Wisdom\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-09-15 11:11
 
==================== End of FRST.txt ============================
 
 
 
 
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2016
Ran by Wisdom (27-09-2016 14:52:19)
Running from C:\Users\Wisdom\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-08-15 11:20:13)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-300878534-179229815-3550441383-500 - Administrator - Disabled)
Guest (S-1-5-21-300878534-179229815-3550441383-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-300878534-179229815-3550441383-1003 - Limited - Enabled)
Wisdom (S-1-5-21-300878534-179229815-3550441383-1000 - Administrator - Enabled) => C:\Users\Wisdom
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AV: Webroot SecureAnywhere (Enabled - Up to date) {4646A877-74EB-CD3B-8FDB-210DB94FA61A}
AS: Webroot SecureAnywhere (Enabled - Up to date) {FD274993-52D1-C2B5-B56B-1A7FC2C8ECA7}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
AIM 7 (HKLM-x32\...\AIM_7) (Version:  - )
AIM for Windows (HKU\S-1-5-21-300878534-179229815-3550441383-1000\...\AIM) (Version:  - AOL Inc.)
AIM for Windows (HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\AIM) (Version:  - AOL Inc.)
Amazon Music (HKU\S-1-5-21-300878534-179229815-3550441383-1000\...\Amazon Amazon Music) (Version: 4.3.2.1367 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 4.3.2.1367 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
BitPim 1.0.7 (HKLM-x32\...\{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1) (Version: 1.0.7 - Joe Pham <djpham@bitpim.org>)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Chromium (HKU\S-1-5-21-300878534-179229815-3550441383-1000\...\Chromium) (Version: 50.0.2634.0 - Chromium)
Chromium (HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Chromium) (Version: 50.0.2634.0 - Chromium)
CinemaNow Player (HKLM-x32\...\com.bby.cinemanowplayer) (Version: 3.1.4 - Rovi Corporation)
CinemaNow Player (x32 Version: 3.1.4 - Rovi Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DISH Anywhere Slingplayer Installer (x32 Version: 1.1.0.384 - Sling Media) Hidden
DISH Anywhere Video Player (HKLM-x32\...\{19A59152-3EA7-4631-9A11-5D2DBEF29780}) (Version: 2.29.3 - DISH Anywhere)
DishAnywhereDesktop (HKLM-x32\...\{64ce7194-0a6e-4b76-90e5-432d8106504f}) (Version: 1.1.0.384 - Sling Media)
Dropbox (HKLM-x32\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.47.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Talk (remove only) (HKU\S-1-5-21-300878534-179229815-3550441383-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk (remove only) (HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.280 - SurfRight B.V.)
HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.5.3.562 - SurfRight B.V.)
iCloud (HKLM\...\{CE29BC77-C5AE-49D8-A8C0-FDAF6ACF74DF}) (Version: 6.0.1.41 - Apple Inc.)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.4 - LG Electronics)
LG Outlook Sync (HKLM-x32\...\{84CA1CCF-5CF7-4ED6-8CFA-77DD5C949505}) (Version: 1.1.0.4 - LG Electronics)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
Malwarebytes Anti-Exploit version 1.8.1.2572 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.2572 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Malwarebytes Anti-Ransomware version 0.9.15.416 (HKLM\...\{6CA75021-FBB0-41A5-B95C-FC1C9E0421F0}_is1) (Version: 0.9.15.416 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 49.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 en-US)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Napster (HKU\S-1-5-21-300878534-179229815-3550441383-1000\...\5d01cae694a4998b) (Version: 6.17.42.0 - Rhapsody International Inc.)
Napster (HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\5d01cae694a4998b) (Version: 6.17.42.0 - Rhapsody International Inc.)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Opera Stable 40.0.2308.62 (HKLM-x32\...\Opera 40.0.2308.62) (Version: 40.0.2308.62 - Opera Software)
Outlook on the Desktop 1.6.0 (HKLM-x32\...\{6D9785D9-FF53-4C06-9C2A-E4173D41A2FD}_is1) (Version:  - Michael Scrivo)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.)
System Checkup 4.0 (HKLM-x32\...\{918D30D3-AD9B-43A8-9EF7-463075DC93CD}_is1) (Version: 4.0.0.145 - iolo technologies, LLC)
Verizon Cloud (HKLM\...\Verizon Cloud) (Version: 15.3.7.9 - Verizon)
WaterWorks (Sorted) (HKLM-x32\...\WaterWorks (Sorted)_is1) (Version:  - Sharada Engineering Classes & Computers)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.11.70 - Webroot)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1079FD09-474B-4B93-B5BC-D7F5B691D25E} - System32\Tasks\iolo SCU task one => C:\ProgramData\iolo\SCU\sculnch.lnk [Argument = /toaster]
Task: {1586748F-07F2-42B6-A2BD-E4C0914970EB} - System32\Tasks\{723050FB-AA49-486C-944A-57C636E2EE01} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {15AD5DAF-43E1-4A19-8F79-95FE758EA4C1} - System32\Tasks\{9B3685C3-D522-4E6B-B8FC-6824F6D502E1} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {24520B7A-6FB7-4552-A385-29978B40586D} - System32\Tasks\{BED775E5-F2A6-4583-B532-ECBB88FBC30B} => C:\Program Files (x86)\Opera\launcher.exe [2016-09-21] (Opera Software)
Task: {255226A7-F3B3-427F-ABCB-243BC92DB75B} - System32\Tasks\{82A57340-BB1B-4397-AB6D-F9045FFF7BD1} => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {27F116A0-454C-4897-8B51-B9EC4A242792} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-11-03] (McAfee, Inc.)
Task: {2BD8F39E-8536-493B-A39B-F1FA17A6CCC9} - System32\Tasks\{A5B6C898-20F0-4353-A554-D90FA9348E04} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {2D78339E-2F57-4AB8-B352-79991776F7AB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {35E46EC1-469E-42B5-B04F-9CD6F8E1E8F0} - \{3F4DAD9F-12D6-4E87-8C2A-BB7BBA028935} -> No File <==== ATTENTION
Task: {36D7B42C-77FD-4ECA-A5E3-C95EA57834F6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-09-13] (Microsoft Corporation)
Task: {38359E25-389D-46E8-9E36-A59411C0E6F2} - System32\Tasks\{65A2FE16-AC60-4625-A00D-96F7D796C98A} => Chrome.exe 
Task: {3F4461C9-8388-48A9-B3A0-16819284B050} - System32\Tasks\{63DC4D2A-610F-4129-A863-5BA6569CEE4A} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {41403FDA-9054-444B-86B1-4C314CDD66F3} - System32\Tasks\{FD753E34-975A-4355-AB7B-B2989EEF58E4} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {415E685D-9DCC-4629-BD59-3B98C92274B0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {50B706AD-7FAE-4AF4-A12E-921F75B44843} - System32\Tasks\{05163992-723C-4C24-8854-BB6C6CFD7B82} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {553031C8-74A9-4910-A990-4C8D89991978} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {5672F839-9F47-4EA4-9DEE-DAB321BE5D89} - System32\Tasks\{2E56E2C5-93A6-4D77-A8C3-B766C833AC41} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {57387E16-E9A5-4C3F-8450-7C79A948FE57} - System32\Tasks\{B5093906-A13C-46E7-B5FB-B0FF9F51B745} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {5840B2A7-394B-4B21-9760-EC0141D3D08B} - System32\Tasks\{6F24AE46-2CC4-4412-BCA6-2FC8A625F8DD} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {5976BF18-793C-4940-90F7-DCAABEA4D821} - System32\Tasks\{407E3A69-B59D-4654-A010-919B5BB76B76} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {5A80E6FE-4EAF-48DD-8376-E7F9CE149CAC} - \{133DE5A9-A627-4878-8D7C-759987B66CCF} -> No File <==== ATTENTION
Task: {5BB3E442-F621-4756-BFC3-B327F9510FBF} - System32\Tasks\{CD6AEC69-CA09-40A0-8885-F5779E195DF9} => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {618ECFE1-70AE-4B28-A5AB-82ED3C829A42} - System32\Tasks\{DB693294-37F3-42AC-9DE9-AF73D8318D8B} => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {632E26BD-3565-495C-B5C0-A1823100AA9E} - \{EE4FDC6B-3DBF-4F42-86F2-0904BD9D42FD} -> No File <==== ATTENTION
Task: {6EE20D92-2659-45BF-B606-9D56AB0DBE35} - System32\Tasks\{B44924C5-6CA5-4FDE-B828-A7866469D208} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {6F074E37-1372-420E-A991-CC5218EF85D1} - System32\Tasks\{C0C3A7B0-AE08-4BE2-88FA-B1A05C75E8AE} => C:\Users\Wisdom\Downloads\DriverUpdate-setup.exe
Task: {714F7ADE-572E-421B-910B-17B4FB319BC8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {7A3869A3-1E15-4704-BD8D-4CA6D1ED7B87} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {7C91B719-375C-4050-86C4-C31C9AD3A62D} - System32\Tasks\{E1BFA14F-EDD0-4AC5-B13D-A387BE8B5B9E} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {7D4B0350-0388-4BEE-A8B3-5D757CF05F8D} - System32\Tasks\{CB3A0D08-4B94-41BB-9CA4-AD96C0635B94} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {87606BAF-DA05-4B8F-AEE6-28B6C7D89370} - \{66E2CF7F-6D60-43DA-8063-EF2F50CF5A1E} -> No File <==== ATTENTION
Task: {8893405A-48F3-4E7F-9FC0-0896EED2519B} - System32\Tasks\{78222A44-3AD8-4E1F-815C-B0ABF17F2769} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {8A51EFF8-191C-4ABB-9364-E1A5E3C87B68} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {9B529139-AC89-42C2-A4DC-D2574659C74B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-17] (Google Inc.)
Task: {9D3CAABD-50B9-4CE6-A289-4670CD564601} - System32\Tasks\{487700E8-1124-404D-9F3C-269445ED4B9A} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {9E71E77A-13C7-4633-88DD-C68346A88EA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-17] (Google Inc.)
Task: {9F2A6AE3-4516-4C6A-95BE-016816E23FC3} - System32\Tasks\Opera scheduled Autoupdate 1468820690 => C:\Program Files (x86)\Opera\launcher.exe [2016-09-21] (Opera Software)
Task: {A45E1022-E4D9-48D0-AA3C-054C16EDA6FE} - System32\Tasks\{1BC105FF-9CFE-4734-AED1-C2D7EFA60131} => C:\Users\Wisdom\Downloads\DriverUpdate-setup.exe
Task: {AB7FDA6F-7113-40E7-AEB6-94B0ED5F31F8} - System32\Tasks\{7047F4DB-6870-4717-9982-5A49EDEDF1F2} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {ACDF1747-4093-42D6-B507-DBC76B71FD09} - System32\Tasks\{6FF49E0C-AC09-4088-82F2-AD3B0ADBA18B} => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe [2016-06-30] (Adobe Systems Incorporated)
Task: {BEED611D-87A0-428F-B6C1-9EE053E8E3E8} - \{1FC815F4-7F3F-4BBA-B82D-E53C4EA72C29} -> No File <==== ATTENTION
Task: {C2C62C74-3C19-4F33-94A7-59A6B7190740} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-16] (Dropbox, Inc.)
Task: {D5973D8A-5010-48B6-8369-599016125CE9} - System32\Tasks\{B6CA09CE-C61F-41C8-B28A-2B7F19FA8225} => pcalua.exe -a "C:\Users\Wisdom\Downloads\acrobatviewer Compass 2016 Renewal.exe" -d C:\Users\Wisdom\Downloads
Task: {D653394C-A1E0-4A36-878D-01F5BBD8BCEE} - System32\Tasks\{5CC78F3C-6F61-4732-B1A4-EFF9DBCD91E3} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {D87384E8-E280-4CED-8B11-268F1842CBF1} - \{3C2F8C3D-C4DD-4245-A319-5E5BAF99FD39} -> No File <==== ATTENTION
Task: {DCB69B98-EFCC-494D-A56B-AFC3E2F056E7} - \{3B89E92B-B3A1-4420-A7EE-8DD848268FA5} -> No File <==== ATTENTION
Task: {E89A2153-DCC1-4295-A61C-466D4E9D6D55} - System32\Tasks\{FD8FC707-F254-4E48-B560-4F5A3A11ACF0} => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe [2016-06-30] (Adobe Systems Incorporated)
Task: {F4B61CE2-CFD2-4504-BF87-05FE88537795} - System32\Tasks\{BF880DC9-FE6A-4736-B346-895E850FE969} => C:\Users\Wisdom\AppData\Local\AOL\AIM\aim.exe [2015-04-06] (AOL Inc.)
Task: {F9A42893-3EBD-47CD-BCA9-F358522774BF} - System32\Tasks\{AAF38694-CF2B-441A-A375-A8247D1AE5A3} => C:\Program Files (x86)\Opera\launcher.exe [2016-09-21] (Opera Software)
Task: {FA3566A5-F925-4C93-BECF-DF4AFBD411E5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-16] (Dropbox, Inc.)
Task: {FFF402ED-743A-4912-8673-79DAEFCAB8FD} - System32\Tasks\{4975D95F-D4DC-4221-8E2E-A8932B231BD6} => Chrome.exe 
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Wisdom\Desktop\moodstream.net (standard).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jhbfhdhkiompjaofhkiabbefdhbnhdlp
ShortcutWithArgument: C:\Users\Wisdom\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_jhbfhdhkiompjaofhkiabbefdhbnhdlp\moodstream.net (standard).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jhbfhdhkiompjaofhkiabbefdhbnhdlp
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Christmas Word Search Puzzles.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hfmfflckamnfleohfjdhklkjcfohbpfe
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Connectivity Diagnostics.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=eemlkeanncmjljgehlbplemhmdmalhdc
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Flair Player.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mpkhmenokpjamhajlajnldibdjkacgcp
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Movies & TV.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gdijeikdkaembjbdobgfkoidjkpbmlkd
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Journey (Diary, Journal).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jlncjaehedpdoinepaejmlpbmdkgmpog
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\moodstream.net (standard).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jhbfhdhkiompjaofhkiabbefdhbnhdlp
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Pixlr Touch Up.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jklljiahjgoglchglekebfljnmbaleig
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Plex.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=fpniocchabmgenibceglhnfeimmdhdfm
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Polarr Photo Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=djonnbgfieijldcieafgjcnhmpcfpmgg
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Songist.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=nnchdmhblnennhiogcnojdodjgjcdehk
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sunrise Calendar.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mojepfklcankkmikonjlnidiooanmpbb
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\WeatherBug.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=njkkjobcechefaoknodniidfjapgfoco
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Word Search Puzzle Game.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jninklaodadoeedinndhhlcflpmagfhd
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\moodstream.net (standard) (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jhbfhdhkiompjaofhkiabbefdhbnhdlp
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\moodstream.net (standard).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jhbfhdhkiompjaofhkiabbefdhbnhdlp
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\moodstream.net (standard).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jhbfhdhkiompjaofhkiabbefdhbnhdlp
ShortcutWithArgument: C:\Users\Wisdom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\moodstream.net (standard).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jhbfhdhkiompjaofhkiabbefdhbnhdlp
 
==================== Loaded Modules (Whitelisted) ==============
 
2010-03-05 09:21 - 2010-03-05 09:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2016-03-24 03:47 - 2016-09-05 10:50 - 08921800 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-02-24 19:31 - 2016-04-17 13:20 - 01047520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-RANSOMWARE\arwlib.dll
2016-05-16 15:41 - 2016-06-16 16:05 - 05908968 _____ () C:\Users\Wisdom\AppData\Local\Amazon Music\Amazon Music Helper.exe
2016-02-24 19:31 - 2016-02-08 17:01 - 00759808 _____ () C:\Program Files\Malwarebytes\Anti-Ransomware\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-15 06:42 - 2016-09-13 22:52 - 02280264 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-15 06:42 - 2016-09-13 22:52 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00244536 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-12-14 19:26 - 2015-12-14 19:26 - 40578048 _____ () C:\Program Files (x86)\DishAnywhereDesktop\libcef.dll
2016-09-20 02:25 - 2016-08-24 00:43 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-09-20 02:23 - 2016-08-24 00:43 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-09-20 02:23 - 2016-08-24 00:43 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-09-20 02:23 - 2016-08-24 00:43 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-09-20 02:25 - 2016-08-24 00:43 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-09-20 02:25 - 2016-08-24 00:43 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-09-20 02:25 - 2016-09-19 21:15 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-09-20 02:25 - 2016-08-24 00:43 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-09-20 02:22 - 2016-09-19 21:15 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-09-20 02:25 - 2016-08-24 00:43 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-09-20 02:22 - 2016-09-19 21:15 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-09-20 02:22 - 2016-09-19 21:15 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-09-20 02:25 - 2016-09-19 21:15 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-09-20 02:23 - 2016-08-24 00:43 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-09-20 02:23 - 2016-08-24 00:45 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-09-20 02:25 - 2016-09-19 21:15 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-09-20 02:25 - 2016-09-19 21:15 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-09-20 02:22 - 2016-09-19 21:15 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-09-20 02:22 - 2016-09-19 21:15 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-09-20 02:25 - 2016-08-24 00:43 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-09-20 02:25 - 2016-08-24 00:44 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-09-20 02:25 - 2016-09-19 21:15 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-09-20 02:25 - 2016-09-19 21:15 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-09-20 02:25 - 2016-09-19 21:15 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-09-20 02:25 - 2016-09-19 21:15 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-09-20 02:22 - 2016-09-19 21:15 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-09-20 02:25 - 2016-09-19 21:15 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-09-20 02:23 - 2016-08-24 00:41 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-09-20 02:23 - 2016-09-19 21:15 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-09-20 02:23 - 2016-09-19 21:15 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-09-20 02:25 - 2016-08-24 00:43 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-09-20 02:25 - 2016-09-19 21:15 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-09-20 02:25 - 2016-08-24 00:45 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-09-20 02:25 - 2016-09-19 21:15 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-09-20 02:23 - 2016-09-19 21:15 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2015-12-14 19:26 - 2015-12-14 19:26 - 01920000 _____ () C:\Program Files (x86)\DishAnywhereDesktop\ffmpegsumo.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\01823776.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\47969376.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\01823776.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\47969376.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2016-06-26 12:50 - 00000851 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-300878534-179229815-3550441383-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-300878534-179229815-3550441383-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Wisdom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupreg: Aim => "C:\Program Files (x86)\AIM7\aim.exe" /d locale=en-US
MSCONFIG\startupreg: GoogleChromeAutoLaunch_9F5CAD100A747DBB12F56812C259F025 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: googletalk => C:\Users\Wisdom\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: OutlookOnDesktop => C:\Program Files (x86)\Outlook on the Desktop\OutlookDesktop.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{D9655139-F0D1-4FD8-AB40-AF9A4344D162}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0FBE1D04-C910-4B74-B90A-2DB6A9EEAF9A}] => (Allow) LPort=2869
FirewallRules: [{32B9C5EF-FCF4-4358-A7A6-D18A704C0223}] => (Allow) LPort=1900
FirewallRules: [{93B40261-C16B-4920-9E6F-706942A5A936}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{46B23CE6-C8C3-42F1-B363-028C770607CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3248CFDA-1497-4663-AF52-05F09E115581}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4EA679D-A58F-4BB3-AE56-628923295B26}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{B525DC4C-BA88-49E8-88F4-546E4379EF7F}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{AE1002CB-F767-480C-A690-AD23B2667740}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{AB96FA01-6ABB-4A45-A45C-ADEBB3880EAF}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{AD77CEBE-03D0-4E2C-B8AE-F1650BBC8C26}] => (Allow) C:\Program Files (x86)\AIM7\aim.exe
FirewallRules: [{E30307EE-AC88-4BB7-B7D4-FFCA87DB1D85}] => (Allow) C:\Program Files (x86)\AIM7\aim.exe
FirewallRules: [{017CF582-E592-4FA1-86FE-020742ACD2E8}] => (Allow) C:\Users\Wisdom\Downloads\Pidgin\pidgin.exe
FirewallRules: [{686CBB08-0F94-407D-B26E-16C2002815A9}] => (Allow) C:\Users\Wisdom\Downloads\Pidgin\pidgin.exe
FirewallRules: [{999E747E-C3E2-47CB-B011-28D9B6BD3651}] => (Allow) C:\Users\Wisdom\Downloads\Pidgin\pidgin.exe
FirewallRules: [{70A119E3-3114-44CE-832E-8B73473A2791}] => (Allow) C:\Users\Wisdom\Downloads\Pidgin\pidgin.exe
FirewallRules: [{F6B942FD-9C2B-4515-8DCD-43AAFB19E3B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7F1E8953-F946-4ED8-8D25-71C1342A584E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F90BF9AC-87D0-4CCC-B9A5-CF26214EB2E2}C:\users\wisdom\appdata\local\chromium\application\chrome.exe] => (Allow) C:\users\wisdom\appdata\local\chromium\application\chrome.exe
FirewallRules: [UDP Query User{27B99683-D7E2-4770-ADF4-08D521188D37}C:\users\wisdom\appdata\local\chromium\application\chrome.exe] => (Allow) C:\users\wisdom\appdata\local\chromium\application\chrome.exe
FirewallRules: [{857CC786-2CCA-4FC5-A395-E29B60F3D809}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{B6AEA7F6-67C0-4217-B210-9E7755DF1211}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DBFE4D16-F489-44FD-86C5-5FE66B3AB90E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{50276BCE-4653-4D40-B1FE-8B6248DC18AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3A6E0848-D113-49DD-9F94-C20C8F345960}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{DD1B0BDC-B301-473F-8957-5E07FB99DDA8}C:\program files (x86)\dishanywheredesktop\dishanywhereplayer.exe] => (Allow) C:\program files (x86)\dishanywheredesktop\dishanywhereplayer.exe
FirewallRules: [UDP Query User{C030AF5C-73D1-45E3-B7F2-50165108C120}C:\program files (x86)\dishanywheredesktop\dishanywhereplayer.exe] => (Allow) C:\program files (x86)\dishanywheredesktop\dishanywhereplayer.exe
FirewallRules: [TCP Query User{944976C9-5680-48EE-84B9-CD7F55C0C1A7}C:\program files (x86)\dishanywheredesktop\dishanywhereplayer.exe] => (Block) C:\program files (x86)\dishanywheredesktop\dishanywhereplayer.exe
FirewallRules: [UDP Query User{7B40F9C6-E6B0-46A2-91F5-04AF93CCB6A7}C:\program files (x86)\dishanywheredesktop\dishanywhereplayer.exe] => (Block) C:\program files (x86)\dishanywheredesktop\dishanywhereplayer.exe
FirewallRules: [{CC81BD20-CD40-432F-A7C1-43C7D7A315F5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5A2738E1-9D5B-49E3-8A8D-55D14B54FF52}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{68EDCA82-1469-4441-BE7A-D321574F4121}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{A1AC6B0A-3305-4A5E-979D-085E3B816009}] => (Allow) C:\Program Files\iTunes\iTunes.exe
 
==================== Restore Points =========================
 
18-09-2016 12:15:48 Windows Update
19-09-2016 18:47:37 Windows Backup
19-09-2016 19:07:04 Windows Backup
21-09-2016 03:00:47 Windows Update
24-09-2016 16:42:29 Windows Update
25-09-2016 19:02:50 Windows Backup
27-09-2016 12:39:30 Windows Backup
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/27/2016 12:22:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (09/27/2016 12:21:45 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (09/27/2016 11:02:34 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (09/27/2016 11:01:28 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (09/27/2016 10:54:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (09/27/2016 10:40:33 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (09/27/2016 10:38:20 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
 
Error: (09/27/2016 12:21:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6911
 
Error: (09/27/2016 12:21:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6911
 
Error: (09/27/2016 12:21:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (09/27/2016 01:14:04 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.
 
Error: (09/27/2016 01:14:03 PM) (Source: cdrom) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\CdRom0.
 
Error: (09/27/2016 01:13:55 PM) (Source: cdrom) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\CdRom0.
 
Error: (09/27/2016 01:13:47 PM) (Source: cdrom) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\CdRom0.
 
Error: (09/27/2016 01:13:38 PM) (Source: cdrom) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\CdRom0.
 
Error: (09/27/2016 12:18:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service Installer TrueKey service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (09/27/2016 12:15:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
The dependency service or group failed to start.
 
Error: (09/27/2016 12:15:23 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server:
{A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (09/27/2016 12:14:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
AFD
DfsC
discache
ESProtectionDriver
mbamchameleon
mfehidk
MpFilter
NetBIOS
NetBT
nsiproxy
Psched
rdbss
spldr
tdx
vwififlt
Wanarpv6
WfpLwf
 
Error: (09/27/2016 12:14:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: 
The dependency service or group failed to start.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 83%
Total physical RAM: 2934.68 MB
Available physical RAM: 493.03 MB
Total Virtual: 5867.55 MB
Available Virtual: 1440.89 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:297.99 GB) (Free:237.91 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: DE56A11E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
I HOPE THIS WILL TELL WHATS WRONG!!!!!
 
Thanks,
CandyGirl1959 :cowgirl:

Edit: Moved topic from Am I Infected to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:52 PM

Posted 30 September 2016 - 01:54 PM

Greetings CandyGirl1959 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me just a bit of time to review what you have posted.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:52 PM

Posted 30 September 2016 - 02:22 PM

Greetings and thank you again for your patience.

Please do this.

===================================================

Uninstalling a Program using Add/Remove Program

--------------------

I recommend the uninstalling of the below listed program(s). If you desire to keep the program I would ask that you reinstall it following our efforts here.
  • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type appwiz.cpl and press Enter
  • A list of installed programs will be displayed
  • Uninstall the following by clicking on the program(s) below (and any other similar names) and selecting Remove or Uninstall

System Checkup 4.0

  • Reboot your computer
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction ? <======= ATTENTION
Tcpip\..\Interfaces\{E9464C29-3583-439E-9513-87A0B181BC85}: [NameServer] 0.0.0.0
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S2 Everything; "C:\Users\Wisdom\AppData\Local\Temp\Temp1_Everything-1.3.4.686.x86.zip\Everything.exe" -svc [X]
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
U0 SR; no ImagePath
U2 srservice; no ImagePath
2016-09-24 17:51 - 2016-09-24 17:51 - 00003584 _____ C:\Users\Wisdom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Wisdom\Downloads\*.tmp
2016-03-28 17:46 - 2016-03-28 17:46 - 6871040 _____ () C:\Program Files (x86)\GUT41CD.tmp
2015-12-20 16:51 - 2015-12-20 16:51 - 0000000 _____ () C:\Users\Wisdom\AppData\Local\{38DCCC50-160F-4350-9142-781747605D84}
2015-08-23 09:02 - 2015-08-23 09:02 - 0000000 _____ () C:\Users\Wisdom\AppData\Local\{546581A7-286B-4E10-9205-F965B313807F}
2015-11-07 10:48 - 2015-11-07 10:52 - 0000000 _____ () C:\Users\Wisdom\AppData\Local\{6CD2087C-44C1-4EC8-8B40-42ADCA9DD155}
Task: {35E46EC1-469E-42B5-B04F-9CD6F8E1E8F0} - \{3F4DAD9F-12D6-4E87-8C2A-BB7BBA028935} -> No File <==== ATTENTION
Task: {5A80E6FE-4EAF-48DD-8376-E7F9CE149CAC} - \{133DE5A9-A627-4878-8D7C-759987B66CCF} -> No File <==== ATTENTION
Task: {632E26BD-3565-495C-B5C0-A1823100AA9E} - \{EE4FDC6B-3DBF-4F42-86F2-0904BD9D42FD} -> No File <==== ATTENTION
Task: {255226A7-F3B3-427F-ABCB-243BC92DB75B} - System32\Tasks\{82A57340-BB1B-4397-AB6D-F9045FFF7BD1} => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {5BB3E442-F621-4756-BFC3-B327F9510FBF} - System32\Tasks\{CD6AEC69-CA09-40A0-8885-F5779E195DF9} => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
C:\Program Files\SlimCleaner Plus
Task: {87606BAF-DA05-4B8F-AEE6-28B6C7D89370} - \{66E2CF7F-6D60-43DA-8063-EF2F50CF5A1E} -> No File <==== ATTENTION
Task: {BEED611D-87A0-428F-B6C1-9EE053E8E3E8} - \{1FC815F4-7F3F-4BBA-B82D-E53C4EA72C29} -> No File <==== ATTENTION
Task: {D87384E8-E280-4CED-8B11-268F1842CBF1} - \{3C2F8C3D-C4DD-4245-A319-5E5BAF99FD39} -> No File <==== ATTENTION
Task: {DCB69B98-EFCC-494D-A56B-AFC3E2F056E7} - \{3B89E92B-B3A1-4420-A7EE-8DD848268FA5} -> No File <==== ATTENTION
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
  • Right click on FRST.exe, select Run as administrator then press the Fix button
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Did System Checkup uninstall?
  • Fixlog
  • Please describe your current symptoms

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 CandyGirl1959

CandyGirl1959
  • Topic Starter

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Douglasville, GA
  • Local time:12:52 AM

Posted 02 October 2016 - 04:52 PM

 
Hi,
I have another problem, the power adapter is bad & battery on Dell dead, so i can't yet do what you ask. I'm purchasing new ones, should i buy brand or replacements? i'm on my Acer Aspire that i also need to fix i think it to is infected, but it to has key board problem. The only way i can use this one is type on Notepad, copy & paste. But can download. What do t=you want to do? I should have items for Dell sometime this next week, do you want to work on the Ascer while waiting for the Dell stuff? Please advise.
Thanks,
CandyGirl1959
:cowgirl:  :cowgirl:


#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:52 PM

Posted 02 October 2016 - 05:10 PM

We should keep this topic for your Dell.

Post another Topic for the Acer and I will pick up that topic to work on while we wait for your replacements. I never buy a brand name replacement adapter and/or battery but it is up to you.

Let me know when you have created another topic.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:52 PM

Posted 05 October 2016 - 07:28 PM

Greetings,

 

What is our status?


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:52 PM

Posted 06 October 2016 - 09:37 AM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 CandyGirl1959

CandyGirl1959
  • Topic Starter

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Douglasville, GA
  • Local time:12:52 AM

Posted 07 October 2016 - 10:40 PM

I Have been trying & it so far says "wait searching for updates" & just sits there. Needless to say i'm frustrated
as heck with this, don't understand what's the problem. Can you adivise what to do about the problem?
Thanks, await your response, sorry i have not been in touch before now, i don't want you to think i take your help for granted.
I'm trying to get caught up on stuff.
Sincerely,
CandyGirl1959 :cowgirl: :cowgirl:



#9 CandyGirl1959

CandyGirl1959
  • Topic Starter

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Douglasville, GA
  • Local time:12:52 AM

Posted 07 October 2016 - 10:52 PM

I'm sorry i posted wrong message here. I got the two problems i'm working on confused, disregard the previous mess.
I Will start on this hopefully by posting the logs once i get the parts in.
Thanks,
CandyGirl1959



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:52 PM

Posted 13 October 2016 - 08:17 PM

How are we doing?


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 CandyGirl1959

CandyGirl1959
  • Topic Starter

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Douglasville, GA
  • Local time:12:52 AM

Posted 14 October 2016 - 07:41 PM

Wrong part sent, reordering

#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:52 PM

Posted 14 October 2016 - 09:53 PM

Thank you, I will leave the topic open.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:52 PM

Posted 21 October 2016 - 09:23 AM

Greetings,

Any word yet?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:52 PM

Posted 24 October 2016 - 09:22 AM

Greetings,

I see you have logged in since I requested an update but you have not replied. If you are unable to reply within 24 hours I will be permanently closing this topic and you will need to start a new topic.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 CandyGirl1959

CandyGirl1959
  • Topic Starter

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Douglasville, GA
  • Local time:12:52 AM

Posted 25 October 2016 - 08:00 AM

Hello,

As much as i hate to close, i guess that would be the thing to do right now. I have had some unforeseen problems come up. If you would like to 

continue this alittle later i could message you & us begin. But if you don't want to will certainly understand, so i will leave it up to you. Just let

me know what you want to do.

Thanks for being so very patient with this & me.  I hate it but when i get sick i'm down for a little while due to my health problems, it has not been 

that i'm  ignoring you & your instructions.  But there are some days i'm totally just barely able to take care of daily functions, which is why i'm Disabled & 

on Disability. I would love to work with you on this once i get where i can. I have surgery coming up that hopefully will help me & i can get back to

working on the Dell laptop. So i will look for your answer.  Again THANK YOU so very MUCH!!!!

 

May God Bless You,

CandyGirl1959 :cowgirl:  :cowgirl:  :halloween:  :thumbup2:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users