Solved Is Win10 & Defender/Security that good?

glhglh · Apr 15, 2016

After close to a year, I don't seem to have slow down problems, except in Internet Explorer. Prior Windows products received viruses every few months. these two scans are a check to see if anything has planted itself on my computer. thanks for the help:

frst.txt: (first 47000 characters)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
Ran by garyh (administrator) on GLH-DESKTOP-I7 (15-04-2016 13:09:00)
Running from C:\Users\garyh\Desktop\Virus
Loaded Profiles: garyh (Available Profiles: iBuyPower & garyh & QBDataServiceUser23 & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() E:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Fitbit, Inc.) E:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intuit, Inc.) E:\Program Files (x86)\Intuit\QuickBooks 2013\QBDBMgrN.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
() E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\Roxio Burn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe
(Fitbit, Inc.) E:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Logitech Inc.) E:\Program Files (x86)\Squeezebox\SqueezeTray.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit Inc.) E:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicatorCom.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Logitech Inc.) E:\Program Files (x86)\Squeezebox\server\SqueezeSvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe
(Piriform Ltd) E:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2015-06-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794704 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2015-05-29] (Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [286272 2015-06-07] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3776824 2015-11-10] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => E:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] => E:\Program Files (x86)\Roxio Creator NXT Pro 3\Common\RoxWatchTray15.exe [295112 2014-09-26] (Corel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [Fitbit Connect] => E:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [HP Officejet 7500 E910 (NET)] => C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [Google Update] => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [CCleaner Monitoring] => E:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [NETGEARGenie] => e:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2015-06-01] (NETGEAR Inc.)
HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [Fitbit Connect] => E:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2016-04-11] (Siber Systems)
HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\MountPoints2: {a0d7e724-3afa-11e5-9bc2-806e6f6e6963} - "D:\setup.exe"
HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2015-07-20]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Media Server Tray Tool.lnk [2015-06-12]
ShortcutTarget: Logitech Media Server Tray Tool.lnk -> E:\Program Files (x86)\Squeezebox\SqueezeTray.exe (Logitech Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2016-03-19]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2016-03-19]
ShortcutTarget: QuickBooks_Standard_21.lnk -> E:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-06-07]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\garyh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 7500 E910 (Network).lnk [2016-04-15]
ShortcutTarget: Monitor Ink Alerts - HP Officejet 7500 E910 (Network).lnk -> C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\garyh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-11-11]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (No File)
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d7f2a025-9c18-40d3-b84c-ca74bd845c1c}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nytimes.com/
HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.com/?gws_rd=ssl
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-28] (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-11] (Siber Systems Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-02-28] (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-04-11] (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-11] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-04-11] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-11] (Siber Systems Inc.)
DPF: HKLM-x32 {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://benefitsinformation.webex.com/client/WBXclient-T29L10NSP13EP50-10011/nbr/ieatgpc1.cab
Handler-x32: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - E:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll [2016-02-10] (Intuit, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001 -> hxxp://www.nytimes.com/?WT.z_jog=1&hF=f&vS=undefined

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-02-28] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-28] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-13] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.0.0.112 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-06-07] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.0.0.112 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-06-07] (RealTimes)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1582027158-3427342393-2586192252-1001: @citrixonline.com/appdetectorplugin -> C:\Users\garyh\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-12-15] (Citrix Online)
FF Plugin HKU\S-1-5-21-1582027158-3427342393-2586192252-1001: @tools.google.com/Google Update;version=3 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-1582027158-3427342393-2586192252-1001: @tools.google.com/Google Update;version=9 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.nytimes.com/","hxxp://www.peacecorpskorea.com/","hxxps://www.facebook.com/","hxxps://translate.google.com/?hl=en"
CHR Profile: C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-06]
CHR Extension: (Google Docs) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-06]
CHR Extension: (Google Drive) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Google Sheets) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-06]
CHR Extension: (Google Docs Offline) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR Extension: (Gmail) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-06]
CHR Extension: (RoboForm Password Manager) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-03-19]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2016-04-11]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2016-04-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457960 2013-10-16] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [File not signed]
R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22760 2014-01-22] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2912496 2016-02-28] (Microsoft Corporation)
S2 dbupdate; c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-14] (Dropbox, Inc.)
S3 dbupdatem; c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-14] (Dropbox, Inc.)
R2 Fitbit Connect; E:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
S3 gusvc; E:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2015-06-06] (Google)
R2 HDRExpress3Service; e:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe [32784 2014-10-23] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 NETGEARGenieDaemon; e:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-06-01] (NETGEAR)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2016-02-10] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2013-10-01] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2013-10-01] (Intuit Inc.) [File not signed]
R3 QuickBooksDB23; E:\Program Files (x86)\Intuit\QuickBooks 2013\QBDBMgrN.exe [679936 2016-02-09] (Intuit, Inc.) [File not signed]
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1115224 2015-06-07] (RealNetworks, Inc.)
R2 RoxioBurnLauncher; E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe [535784 2013-10-16] ()
S3 RoxMediaDB15; E:\Program Files (x86)\Roxio Creator NXT Pro 3\Common\RoxMediaDB15.exe [1097928 2014-09-26] (Corel Corporation)
S2 RoxWatch15; E:\Program Files (x86)\Roxio Creator NXT Pro 3\Common\RoxWatch15.exe [342216 2014-09-26] (Corel Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2015-12-07] (CACE Technologies, Inc.)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-07-29] (Audials AG)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2013-10-16] (Corel Corporation)
R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2013-10-16] (Corel Corporation)
R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2013-10-16] (Corel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
U5 REALPLAYERUPDATESVC; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-15 12:39 - 2016-04-15 13:09 - 00000000 ____D C:\FRST
2016-04-15 12:36 - 2016-04-15 12:36 - 00000146 _____ C:\Users\garyh\Desktop\Windows Defender - Shortcut.lnk
2016-04-12 12:40 - 2016-04-01 21:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-12 12:40 - 2016-04-01 21:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-12 12:40 - 2016-04-01 20:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-12 12:40 - 2016-04-01 20:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-12 12:40 - 2016-04-01 20:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-12 12:40 - 2016-04-01 20:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-12 12:40 - 2016-04-01 20:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-12 12:40 - 2016-04-01 20:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-12 12:40 - 2016-04-01 20:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-12 12:40 - 2016-04-01 20:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-12 12:40 - 2016-04-01 20:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-12 12:40 - 2016-04-01 20:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-12 12:40 - 2016-03-29 03:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-12 12:40 - 2016-03-29 03:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-12 12:40 - 2016-03-29 03:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-12 12:40 - 2016-03-29 03:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 12:40 - 2016-03-29 03:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-12 12:40 - 2016-03-29 03:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-12 12:40 - 2016-03-29 03:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-12 12:40 - 2016-03-29 03:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-12 12:40 - 2016-03-29 02:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-12 12:40 - 2016-03-29 02:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-12 12:40 - 2016-03-29 02:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-12 12:40 - 2016-03-29 02:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-12 12:40 - 2016-03-29 02:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-12 12:40 - 2016-03-29 02:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-12 12:40 - 2016-03-29 02:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-12 12:40 - 2016-03-29 01:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-12 12:40 - 2016-03-29 01:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-12 12:40 - 2016-03-29 01:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-12 12:40 - 2016-03-29 01:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-12 12:40 - 2016-03-29 01:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-12 12:40 - 2016-03-29 01:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-12 12:40 - 2016-03-29 01:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-12 12:40 - 2016-03-29 01:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-12 12:40 - 2016-03-29 00:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-12 12:40 - 2016-03-29 00:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-12 12:40 - 2016-03-29 00:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-12 12:40 - 2016-03-29 00:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-12 12:40 - 2016-03-29 00:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-12 12:40 - 2016-03-29 00:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-12 12:40 - 2016-03-29 00:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-12 12:40 - 2016-03-29 00:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-12 12:40 - 2016-03-29 00:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-12 12:40 - 2016-03-29 00:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-12 12:40 - 2016-03-29 00:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-12 12:40 - 2016-03-29 00:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-12 12:40 - 2016-03-29 00:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-12 12:40 - 2016-03-29 00:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-12 12:40 - 2016-03-29 00:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-12 12:40 - 2016-03-29 00:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-12 12:40 - 2016-03-29 00:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-12 12:40 - 2016-03-29 00:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-12 12:40 - 2016-03-29 00:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-12 12:40 - 2016-03-29 00:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-12 12:40 - 2016-03-29 00:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-12 12:40 - 2016-03-29 00:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-12 12:40 - 2016-03-29 00:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-12 12:40 - 2016-03-29 00:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-12 12:40 - 2016-03-29 00:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-12 12:40 - 2016-03-29 00:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-12 12:40 - 2016-03-29 00:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-12 12:40 - 2016-03-29 00:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-12 12:40 - 2016-03-29 00:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-12 12:40 - 2016-03-29 00:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-12 12:40 - 2016-03-29 00:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-12 12:40 - 2016-03-29 00:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-12 12:40 - 2016-03-29 00:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-12 12:40 - 2016-03-29 00:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-12 12:40 - 2016-03-29 00:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-12 12:40 - 2016-03-29 00:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-12 12:40 - 2016-03-29 00:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-12 12:40 - 2016-03-29 00:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-12 12:40 - 2016-03-29 00:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-12 12:40 - 2016-03-29 00:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-12 12:40 - 2016-03-28 23:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-12 12:40 - 2016-03-28 23:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-12 12:40 - 2016-03-28 23:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-12 12:40 - 2016-03-28 23:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-12 12:40 - 2016-03-28 23:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-12 12:40 - 2016-03-28 23:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-12 12:40 - 2016-03-28 23:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-12 12:40 - 2016-03-28 23:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-12 12:40 - 2016-03-28 23:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-12 12:40 - 2016-03-28 23:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-12 12:40 - 2016-03-28 23:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-12 12:40 - 2016-03-28 23:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-12 12:40 - 2016-03-28 23:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-12 12:40 - 2016-03-28 23:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-12 12:40 - 2016-03-28 23:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-12 12:40 - 2016-03-28 23:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-12 12:40 - 2016-03-28 23:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-12 12:40 - 2016-03-28 23:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-12 12:40 - 2016-03-28 23:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-12 12:40 - 2016-03-28 23:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-12 12:40 - 2016-03-28 23:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-12 12:40 - 2016-03-28 23:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-12 12:40 - 2016-03-28 23:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-12 12:40 - 2016-03-28 23:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-12 12:40 - 2016-03-28 23:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-12 12:40 - 2016-03-28 23:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-12 12:40 - 2016-03-28 23:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-12 12:40 - 2016-03-28 23:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-12 12:40 - 2016-03-28 23:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-12 12:40 - 2016-03-28 23:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-12 12:40 - 2016-03-28 23:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-12 12:40 - 2016-03-28 23:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-12 12:40 - 2016-03-28 23:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-12 12:40 - 2016-03-28 23:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-12 12:40 - 2016-03-28 23:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-12 12:40 - 2016-03-28 23:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-12 12:40 - 2016-03-28 23:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-12 12:40 - 2016-03-28 23:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-12 12:40 - 2016-03-28 23:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-12 12:40 - 2016-03-28 22:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-12 12:40 - 2016-03-28 22:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-12 12:40 - 2016-03-28 22:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-12 12:40 - 2016-03-28 22:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-12 12:40 - 2016-03-28 22:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-12 12:40 - 2016-03-28 22:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-12 12:40 - 2016-03-28 22:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-12 12:40 - 2016-03-28 22:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-12 12:40 - 2016-03-28 22:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-12 12:40 - 2016-03-28 22:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-12 12:40 - 2016-03-28 22:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-12 12:40 - 2016-03-28 22:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-12 12:40 - 2016-03-28 22:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-12 12:40 - 2016-03-28 22:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-12 12:40 - 2016-03-28 22:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-12 12:40 - 2016-03-28 22:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-12 12:40 - 2016-03-28 22:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-12 12:40 - 2016-03-28 22:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-12 12:40 - 2016-03-28 22:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-12 12:39 - 2016-04-01 21:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-12 12:39 - 2016-04-01 21:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-12 12:39 - 2016-04-01 20:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-12 12:39 - 2016-04-01 20:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-12 12:39 - 2016-04-01 20:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-12 12:39 - 2016-04-01 20:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-12 12:39 - 2016-04-01 20:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-12 12:39 - 2016-04-01 20:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-12 12:39 - 2016-04-01 20:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-12 12:39 - 2016-04-01 20:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-12 12:39 - 2016-04-01 20:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-12 12:39 - 2016-03-29 03:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-12 12:39 - 2016-03-29 03:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-12 12:39 - 2016-03-29 03:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-12 12:39 - 2016-03-29 03:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-12 12:39 - 2016-03-29 03:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-12 12:39 - 2016-03-29 02:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-12 12:39 - 2016-03-29 02:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-12 12:39 - 2016-03-29 02:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-12 12:39 - 2016-03-29 02:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-12 12:39 - 2016-03-29 02:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-12 12:39 - 2016-03-29 02:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-12 12:39 - 2016-03-29 02:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-12 12:39 - 2016-03-29 02:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-12 12:39 - 2016-03-29 02:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-12 12:39 - 2016-03-29 02:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-12 12:39 - 2016-03-29 02:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-12 12:39 - 2016-03-29 01:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-12 12:39 - 2016-03-29 01:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-12 12:39 - 2016-03-29 01:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-12 12:39 - 2016-03-29 01:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-12 12:39 - 2016-03-29 01:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-12 12:39 - 2016-03-29 01:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-12 12:39 - 2016-03-29 01:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-12 12:39 - 2016-03-29 01:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-12 12:39 - 2016-03-29 01:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-12 12:39 - 2016-03-29 01:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-12 12:39 - 2016-03-29 01:07 - 00092160 _____ (Microsoft Corporation)

glhglh · Apr 15, 2016

Next 22000 of frst.txt:

C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-12 12:39 - 2016-03-29 01:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-12 12:39 - 2016-03-29 01:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-12 12:39 - 2016-03-29 01:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-12 12:39 - 2016-03-29 01:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-12 12:39 - 2016-03-29 01:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-12 12:39 - 2016-03-29 01:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-12 12:39 - 2016-03-29 01:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-12 12:39 - 2016-03-29 00:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-12 12:39 - 2016-03-29 00:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-12 12:39 - 2016-03-29 00:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-12 12:39 - 2016-03-29 00:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-12 12:39 - 2016-03-29 00:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-12 12:39 - 2016-03-29 00:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-12 12:39 - 2016-03-29 00:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-12 12:39 - 2016-03-29 00:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-12 12:39 - 2016-03-29 00:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-12 12:39 - 2016-03-29 00:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-12 12:39 - 2016-03-29 00:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-12 12:39 - 2016-03-29 00:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-12 12:39 - 2016-03-29 00:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-12 12:39 - 2016-03-29 00:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-12 12:39 - 2016-03-29 00:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-12 12:39 - 2016-03-29 00:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-12 12:39 - 2016-03-29 00:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-12 12:39 - 2016-03-29 00:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-12 12:39 - 2016-03-29 00:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-12 12:39 - 2016-03-29 00:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-12 12:39 - 2016-03-29 00:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-12 12:39 - 2016-03-29 00:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-12 12:39 - 2016-03-29 00:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-12 12:39 - 2016-03-29 00:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-12 12:39 - 2016-03-29 00:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-12 12:39 - 2016-03-29 00:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-12 12:39 - 2016-03-29 00:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-12 12:39 - 2016-03-29 00:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-12 12:39 - 2016-03-29 00:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-12 12:39 - 2016-03-29 00:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-12 12:39 - 2016-03-29 00:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-12 12:39 - 2016-03-29 00:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-12 12:39 - 2016-03-29 00:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-12 12:39 - 2016-03-29 00:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-12 12:39 - 2016-03-29 00:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-12 12:39 - 2016-03-29 00:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-12 12:39 - 2016-03-29 00:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 12:39 - 2016-03-29 00:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-12 12:39 - 2016-03-29 00:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-12 12:39 - 2016-03-29 00:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-12 12:39 - 2016-03-29 00:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-12 12:39 - 2016-03-29 00:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-12 12:39 - 2016-03-29 00:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-12 12:39 - 2016-03-29 00:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-12 12:39 - 2016-03-29 00:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-12 12:39 - 2016-03-29 00:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-12 12:39 - 2016-03-29 00:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-12 12:39 - 2016-03-29 00:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-12 12:39 - 2016-03-29 00:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-12 12:39 - 2016-03-29 00:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-12 12:39 - 2016-03-29 00:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-12 12:39 - 2016-03-29 00:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-12 12:39 - 2016-03-29 00:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-12 12:39 - 2016-03-29 00:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-12 12:39 - 2016-03-29 00:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-12 12:39 - 2016-03-29 00:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-12 12:39 - 2016-03-29 00:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-12 12:39 - 2016-03-29 00:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-12 12:39 - 2016-03-29 00:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-12 12:39 - 2016-03-29 00:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-12 12:39 - 2016-03-29 00:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-12 12:39 - 2016-03-29 00:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-12 12:39 - 2016-03-28 23:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-12 12:39 - 2016-03-28 23:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-12 12:39 - 2016-03-28 23:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-12 12:39 - 2016-03-28 23:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-12 12:39 - 2016-03-28 23:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-12 12:39 - 2016-03-28 23:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-12 12:39 - 2016-03-28 23:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-12 12:39 - 2016-03-28 23:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 12:39 - 2016-03-28 23:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-12 12:39 - 2016-03-28 23:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-12 12:39 - 2016-03-28 23:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-12 12:39 - 2016-03-28 23:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-12 12:39 - 2016-03-28 23:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-12 12:39 - 2016-03-28 23:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-12 12:39 - 2016-03-28 23:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-12 12:39 - 2016-03-28 23:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-12 12:39 - 2016-03-28 23:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-12 12:39 - 2016-03-28 23:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-12 12:39 - 2016-03-28 23:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-12 12:39 - 2016-03-28 23:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-12 12:39 - 2016-03-28 23:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-12 12:39 - 2016-03-28 23:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-12 12:39 - 2016-03-28 23:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-12 12:39 - 2016-03-28 23:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-12 12:39 - 2016-03-28 23:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-12 12:39 - 2016-03-28 23:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-12 12:39 - 2016-03-28 23:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-12 12:39 - 2016-03-28 23:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-12 12:39 - 2016-03-28 23:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-12 12:39 - 2016-03-28 23:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-12 12:39 - 2016-03-28 23:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-12 12:39 - 2016-03-28 23:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-12 12:39 - 2016-03-28 23:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-12 12:39 - 2016-03-28 23:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-12 12:39 - 2016-03-28 23:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-12 12:39 - 2016-03-28 23:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-12 12:39 - 2016-03-28 23:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-12 12:39 - 2016-03-28 22:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-12 12:39 - 2016-03-28 22:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-12 12:39 - 2016-03-28 22:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-12 12:39 - 2016-03-28 22:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-12 12:39 - 2016-03-28 22:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-12 12:39 - 2016-03-28 22:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-12 12:39 - 2016-03-28 22:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-12 12:39 - 2016-03-28 22:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-11 09:27 - 2016-04-11 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2016-04-11 09:26 - 2016-04-11 09:26 - 00000000 ____D C:\Program Files (x86)\Siber Systems
2016-04-11 09:25 - 2016-04-11 09:25 - 00002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-04-08 12:32 - 2016-04-08 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-04 11:54 - 2016-04-04 11:54 - 00000000 ____D C:\Users\garyh\Desktop\Untitled Export
2016-03-19 10:31 - 2016-03-19 10:31 - 00001955 _____ C:\Users\Public\Desktop\QuickBooks Pro 2013.lnk
2016-03-18 12:11 - 2016-03-18 12:11 - 01431818 _____ C:\Users\garyh\Desktop\Document3.pdf
2016-03-18 10:36 - 2016-03-18 10:36 - 00101752 _____ C:\Users\garyh\Desktop\Martina.pdf
2016-03-18 10:36 - 2016-03-18 10:36 - 00060781 _____ C:\Users\garyh\Desktop\martina 2.pdf
2016-03-18 08:07 - 2016-03-18 08:07 - 04494767 _____ C:\Users\garyh\Desktop\N.Y.T., Shame & Guilt, 318'16, D. Brooks.pdf
2016-03-17 16:56 - 2016-03-17 16:56 - 00000000 ____D C:\Users\garyh\AppData\LocalLow\WebEx
2016-03-17 16:56 - 2016-03-17 16:56 - 00000000 ____D C:\Users\garyh\AppData\Local\WebEx
2016-03-17 16:56 - 2016-03-17 16:56 - 00000000 ____D C:\ProgramData\WebEx
2016-03-16 09:09 - 2016-03-16 09:09 - 00000000 ____D C:\ProgramData\Office Timeline
2016-03-16 09:09 - 2016-03-16 09:09 - 00000000 ____D C:\ProgramData\IsolatedStorage
2016-03-16 09:08 - 2016-03-16 09:08 - 00000000 ____D C:\Program Files (x86)\Office Timeline

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-15 13:09 - 2015-06-15 16:17 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001UA.job
2016-04-15 13:09 - 2015-06-08 15:09 - 00000000 ____D C:\Users\garyh\Desktop\Virus
2016-04-15 13:01 - 2015-12-07 12:10 - 00000000 ____D C:\Users\garyh\AppData\Local\CrashDumps
2016-04-15 12:44 - 2015-06-06 14:25 - 00000906 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-15 12:37 - 2015-06-06 11:25 - 00002259 _____ C:\WINDOWS\epplauncher.mif
2016-04-15 12:36 - 2015-12-15 10:02 - 00000592 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1582027158-3427342393-2586192252-1001.job
2016-04-15 12:30 - 2015-11-16 18:34 - 01725576 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-15 12:30 - 2015-11-16 18:30 - 00564462 _____ C:\WINDOWS\system32\perfh012.dat
2016-04-15 12:30 - 2015-11-16 18:30 - 00158478 _____ C:\WINDOWS\system32\perfc012.dat
2016-04-15 12:30 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-15 12:26 - 2015-11-16 18:35 - 00000000 ____D C:\Users\garyh
2016-04-15 12:26 - 2015-06-06 14:25 - 00000902 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-15 12:26 - 2015-06-06 11:07 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-15 12:24 - 2015-11-16 18:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-15 12:24 - 2015-11-16 18:34 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-15 12:24 - 2015-11-16 18:33 - 00512032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-15 12:23 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-15 12:23 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-15 12:23 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-15 12:23 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-15 12:23 - 2015-10-29 23:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-15 12:14 - 2015-07-21 09:35 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-15 11:42 - 2015-08-04 18:23 - 00000000 ____D C:\Users\garyh\AppData\Local\Packages
2016-04-15 11:39 - 2015-12-15 10:02 - 00000688 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1582027158-3427342393-2586192252-1001.job
2016-04-15 09:58 - 2015-08-05 08:54 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0A67693B-C4D2-43F4-8D9C-F95F60CE280C}
2016-04-14 19:09 - 2015-06-15 16:17 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001Core.job
2016-04-14 15:48 - 2015-12-15 10:02 - 00003856 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1582027158-3427342393-2586192252-1001
2016-04-14 15:48 - 2015-12-15 10:02 - 00003760 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1582027158-3427342393-2586192252-1001
2016-04-13 16:45 - 2010-11-20 20:27 - 00453280 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-13 10:53 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 10:52 - 2015-05-29 11:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 10:51 - 2015-05-29 11:16 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-12 09:35 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-11 14:03 - 2015-07-14 16:40 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-11 09:35 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-11 09:29 - 2015-06-06 14:54 - 00004208 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm
2016-04-11 09:29 - 2015-06-06 14:54 - 00003590 _____ C:\WINDOWS\System32\Tasks\Run RoboForm TaskBar Icon
2016-04-08 12:32 - 2015-06-14 12:33 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-06 11:32 - 2015-10-30 00:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 11:32 - 2015-10-30 00:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-31 11:46 - 2015-11-29 22:40 - 00000000 ____D C:\Users\garyh\AppData\Local\Deployment
2016-03-19 12:41 - 2015-06-06 14:21 - 00000000 ____D C:\Users\garyh\AppData\Local\Dropbox
2016-03-19 10:32 - 2015-06-12 09:46 - 00000089 _____ C:\WINDOWS\QBChanUtil_Trigger.ini
2016-03-19 10:31 - 2015-06-12 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks
2016-03-19 10:30 - 2015-11-16 18:35 - 00000000 ____D C:\Users\QBDataServiceUser23
2016-03-18 12:23 - 2015-06-07 12:44 - 00001853 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-03-17 16:56 - 2015-10-30 00:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-03-17 16:56 - 2015-08-19 09:58 - 00000000 ____D C:\Users\garyh\AppData\LocalLow\Temp
2016-03-16 09:17 - 2015-10-30 00:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Files in the root of some directories =======

2015-07-14 16:39 - 2015-07-15 15:19 - 48936960 _____ () C:\Program Files (x86)\GUT4F0A.tmp
2015-06-07 11:16 - 2015-06-07 11:17 - 1419368 ____T (CPUID) C:\Users\garyh\AppData\Roaming\cpuidsdk.dll
2015-06-07 11:16 - 2015-06-07 11:17 - 0159200 ____T () C:\Users\garyh\AppData\Roaming\CrashRpt1402.dll
2015-06-07 11:16 - 2015-06-07 11:17 - 0008214 ____T () C:\Users\garyh\AppData\Roaming\crashrpt_lang.ini
2015-06-07 11:16 - 2015-06-07 11:17 - 0997344 ____T () C:\Users\garyh\AppData\Roaming\CrashSender1402.exe
2015-06-07 11:16 - 2015-06-07 11:17 - 1080656 ____T (Microsoft Corporation) C:\Users\garyh\AppData\Roaming\dbghelp.dll
2015-06-12 10:05 - 2015-06-12 10:05 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-06-07 12:44 - 2016-03-18 12:23 - 0001853 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-08-19 08:51 - 2016-01-15 16:25 - 0000479 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-10-14 04:49 - 2014-10-14 04:49 - 0002465 _____ () C:\ProgramData\regid.2012-08.com.Corel,Roxio_76C7858E-078C-4C49-AB1A-2A7072664935.swidtag

Some files in TEMP:
====================
C:\Users\garyh\AppData\Local\Temp\RoboForm-Setup.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-04-09 11:45

==================== End of FRST.txt ============================

Addition.txt: (first 26000 characters)

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-04-2016
Ran by garyh (2016-04-15 13:09:20)
Running from C:\Users\garyh\Desktop\Virus
Windows 10 Pro Version 1511 (X64) (2015-11-17 01:42:07)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1582027158-3427342393-2586192252-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1582027158-3427342393-2586192252-503 - Limited - Disabled)
garyh (S-1-5-21-1582027158-3427342393-2586192252-1001 - Administrator - Enabled) => C:\Users\garyh
Guest (S-1-5-21-1582027158-3427342393-2586192252-501 - Limited - Disabled)
iBuyPower (S-1-5-21-1582027158-3427342393-2586192252-1000 - Administrator - Enabled) => C:\Users\iBuyPower
QBDataServiceUser23 (S-1-5-21-1582027158-3427342393-2586192252-1002 - Limited - Enabled) => C:\Users\QBDataServiceUser23

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
AmericasCardroom (HKLM-x32\...\296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE) (Version: 16.6 - IGSoft)
Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audials (HKLM-x32\...\{56E65057-D74D-4265-B2BC-0086546A1D75}) (Version: 14.0.43404.400 - Audials AG)
BCL easyConverter SDK 3 (Word Version) 64 (HKLM\...\{350CC85B-CA59-4F85-909D-8E4CDBF532FA}) (Version: 3.0.64 - BCL Technologies)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
ChromecastApp (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Citrix Online Launcher (HKLM-x32\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix)
Contents (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Corel FastFlick (HKLM-x32\...\_{10EC8494-8A92-49D8-9677-2483EB01F7F1}) (Version: 1.0.0.93 - Corel Corporation)
Corel PaintShop Pro X6 (HKLM-x32\...\_{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.2.0.20 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.8.0.203 - Corel Inc.)
Creator NXT 3 Content (x32 Version: 16.0.004 - Roxio) Hidden
Dazzle Video Capture DVC100 X64 Driver 1.06 (x32 Version: 1.06.0000 - Pinnacle) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.)
Family Tree Maker 2014 (Version: 22.0.207 - Ancestry.com, Inc.) Hidden
Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)
Full Flush Poker 8.2 (HKLM-x32\...\Full Flush Poker 8.2) (Version: 8.2.12.201509140800 - Full Flush Poker)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GoToMeeting 7.16.0.4800 (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\GoToMeeting) (Version: 7.16.0.4800 - CitrixOnline)
HDR Express 3 (HKLM-x32\...\HDR Express 3) (Version: 3.0.0.11677 - Unified Color Technologies)
HP Officejet 7500 E910 Basic Device Software (HKLM\...\{7CF50183-026B-418D-A26C-A254290BD824}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 7500 E910 Help (HKLM-x32\...\{24DC9885-E759-4BD2-8A20-D4AC509A7FDE}) (Version: 140.0.93.93 - Hewlett Packard)
HP Officejet 7500 E910 Product Improvement Study (HKLM\...\{CC9F7DAB-5F9B-43B1-882C-1CC2A231EF40}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ICA (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
ICA (x32 Version: 16.2.0.20 - Corel Corporation) Hidden
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
InstaRate (HKLM-x32\...\{7AABFAB3-D4D0-4316-A70A-72CC369A8A12}) (Version: 4.0.0 - DYMO Endicia)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
IPM_PSP_COM64 (Version: 16.2.0.20 - Corel Corporation) Hidden
IPM_VS_Pro (x32 Version: 1.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
iZotope Music & Speech Cleaner (HKLM-x32\...\iZotope Music & Speech Cleaner_is1) (Version: 1.00 - iZotope, Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
KakaoTalk (HKLM-x32\...\KakaoTalk) (Version: 2.1.1.1103 - Kakao Corp.)
LifeScan USB Device Driver vSL2.0 (Driver Removal) (HKLM-x32\...\LFSVCOMM&10C4&85A7) (Version: - LifeScan Inc)
Living Cookbook 2015 (HKLM-x32\...\Living Cookbook 2015) (Version: 5.0.85 - Radium Technologies, Inc.)
Living Cookbook 2015 (x32 Version: 5.0.85 - Radium Technologies) Hidden
Logitech Media Server 7.7.5 (HKLM-x32\...\Logitech Media Server_is1) (Version: 7.7.5 - Logitech)
Meter Drivers for OneTouch(R) Software (x32 Version: 1.10.0.0 - LifeScan) Hidden
Meter Drivers for OneTouch(R) Software (x32 Version: 1.9.1.0 - LifeScan) Hidden
Meter Drivers for OneTouch(R) Software v1.10.0.0 (HKLM-x32\...\InstallShield_{A2C173E1-FB29-4B31-8ED6-CBEE8025E00A}) (Version: 1.10.0.0 - LifeScan)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.6001.1068 - Microsoft Corporation)
Microsoft Office 365 ProPlus - ko-kr (HKLM\...\O365ProPlusRetail - ko-kr) (Version: 16.0.6001.1068 - Microsoft Corporation)
Microsoft Office 365 Support and Recovery Assistant (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\4415f693b586d348) (Version: 16.0.965.6 - Microsoft Corporation)
Microsoft Office 언어교정도구 2013 - 한국어 (HKLM\...\{90150000-001F-0412-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.12.00 - NETGEAR Inc.)
NVIDIA 3D Vision Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.54 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6001.1068 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1068 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6001.1068 - Microsoft Corporation) Hidden
OneTouch Software (HKLM-x32\...\{82FEBE5D-61EC-4365-A213-2B278780945E}) (Version: - )
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 11.0 - PlotSoft LLC)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)
PSPPContent (x32 Version: 16.2.0.20 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 16.2.0.20 - Corel Corporation) Hidden
PSPPro64 (Version: 16.2.0.20 - Corel Corporation) Hidden
QuickBooks (x32 Version: 23.0.4016.2305 - Intuit Inc.) Hidden
QuickBooks Pro 2013 (HKLM-x32\...\{3C631966-387E-4054-85D9-BBFFABE32BD8}) (Version: 23.0.4012.2305 - Intuit Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.68.201.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.0) (Version: 18.0.0 - RealNetworks)
Rhapsody (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\8aa854a199af1b36) (Version: 6.17.16.0 - Rhapsody International Inc.)
RoboForm 7-9-18-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-18-5 - Siber Systems)
Roxio Creator NXT 3 Content (HKLM-x32\...\{2DF5BF6E-D32C-4B81-9012-F62B58AFF819}) (Version: 1.0.4.0 - Roxio)
Roxio Creator NXT Pro 3 (HKLM-x32\...\{7B4B9450-39C8-454A-AA2D-6548EE4D21EB}) (Version: 16.0.50.1 - Roxio)
Roxio Virtual Drive x64 (Version: 1.00.0000 - Roxio, Inc.) Hidden
Setup (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
Setup (x32 Version: 16.2.0.20 - Corel Corporation) Hidden
Share (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
TurboTax Business 2014 (HKLM-x32\...\TurboTax Business 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax Business 2015 (HKLM-x32\...\TurboTax Business 2015) (Version: 2015.0 - Intuit, Inc)
VSClassic (x32 Version: 1.0.0.93 - Corel Corporation) Hidden
VSPro (x32 Version: 1.0.0.93 - Corel Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{1F6DE925-8416-40D4-BC66-D69DB9D4360B}\InprocServer32 -> E:\Program Files (x86)\Roxio Creator NXT Pro 3\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)
CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\garyh\AppData\Local\Citrix\GoToMeeting\3911\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.2\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {010021D3-7468-4BE0-BB95-1E99953FFFE8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-02-28] (Microsoft Corporation)
Task: {020CDFF2-405F-4755-86F8-BAF383A7306B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {0286A298-A8B9-4D00-8CED-C19FAAF9D314} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {053B9102-DA14-4586-89EB-9240A170F9E7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {06827A60-3614-46B2-80CD-80AD103BBE68} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {0C8044B7-564C-4344-BFAF-C9BAC1451A6A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-02-28] (Microsoft Corporation)
Task: {15AF6BF3-EA88-4D9F-96F2-03646CB3A6D6} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {16CF9C2D-90FC-47CD-9015-8D5F5C826F8F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {17D257EE-4694-4A73-8236-914BE8949B7C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {1877D7EF-2BA4-4E22-A319-03401E06F013} - System32\Tasks\HPCustParticipation HP Officejet 7500 E910 => C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {19909A94-529E-43B0-BAB1-ABBA87990796} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {29C3DDF4-32D3-4B0E-A23E-F4453C3BA37B} - System32\Tasks\DropboxUpdateTaskMachineCore => c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-14] (Dropbox, Inc.)
Task: {36E052B8-60B8-44C6-B307-A38B845839E3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {444E8B98-2120-4CDD-8707-BE33754CD225} - System32\Tasks\DropboxUpdateTaskMachineUA => c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-14] (Dropbox, Inc.)
Task: {4589D9A4-8370-45BF-A1D6-1AE56143A5CF} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {46C0E4D1-21FB-424A-8F72-8A8A2BFC618E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {51C21FB6-DD43-4E1F-B2BE-0E5C99C29135} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {5279A8AE-46B0-46AA-A8A1-5FB2BB63E7B8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {548B8F39-71A9-45B4-8368-D24F97BBF07B} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {55CDD935-986B-49BD-98E2-44124B12CD1F} - System32\Tasks\{04203175-1EFD-48AD-AD2F-ADE80ED6A6E9} => E:\Program Files (x86)\LifeScan\OneTouch\Bin\OneTouch.exe [2010-10-29] (Lifescan, Inc.)
Task: {5A18E9CC-B380-440A-A894-00D1863C4FFC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {60263785-CC87-4026-A852-96A8C3E77124} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {65472034-27B1-4069-AE6E-4A92CD7785A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23] (Google Inc.)
Task: {66EE197C-3DA6-4750-8948-37B58E041103} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMLMJJHMJJGMMJJJHMCNOJKMHMGMCNLMMJPMKMCNNJOJHMNJCNJJJJHMGMJMNMLJKJMJMJMMJMJNJICMIMCNGMCNOMHMFMOMOMCNOMJMNMCNOMPMKMHMJMFMPMCNPMCNOMPMKMHMJMCNNMJNPICMOMFMEKMICNJJCKFMGMMMMMJNHICMEKMICNJJCKJNBJCMIJOJNIGIHJJNKJCMJNNICMJNDJCMKJBJJN (the data entry has 49 more characters).
Task: {6C3B4D40-BCD3-4A84-8F48-28A3588733B3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {6C76BBF0-3FEC-4EA5-A7F0-E59C91643893} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {6EA1C474-1477-4BC7-8AE3-AA6FBE99980D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {722BEF1A-4E17-4F22-B665-85ED51061FEF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {74E689BA-1DC7-42D3-A13B-E5A87AB0C6BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7A513374-8710-4256-82F4-65DD82458D77} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {7D0AD3FD-9759-4B2C-BF9A-474DAD3E0881} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {822C2D6E-1031-4FCF-A869-CEA96F83C01E} - System32\Tasks\{88FFE30B-44F2-4C15-804E-4C25BAAEA64F} => pcalua.exe -a "E:\Dropbox\GLH Download\One Touch Verio IQ\onetouchsetup.exe" -d C:\Users\garyh\Desktop
Task: {84ABABEA-D515-499A-92C7-D491948F20FD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {8C78D663-6419-4E83-9FA8-9C4E0BF63B0E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {8DBC5BF8-CB88-4391-A981-1AD7C39A8F5B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8E67863A-61E2-4EF7-ADA9-A899604F47E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001UA => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8E9EB077-8E93-4C4B-AC23-2137259DAAF9} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {8FAA5D71-5329-4331-8EA6-FC4F8CF89562} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8FAD31C0-B191-4780-AA18-CEB660D5C293} - System32\Tasks\{86D647C4-0E71-4FC9-A15B-A3A9240B1764} => E:\Program Files (x86)\LifeScan\OneTouch\Bin\OneTouch.exe [2010-10-29] (Lifescan, Inc.)
Task: {9037D9B4-2274-4389-AC8A-2658012583E2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {939E325B-10C3-4FE9-8DD8-C7608651B61D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-02-28] (Microsoft Corporation)
Task: {93B46180-C213-4D15-A347-B23B754360C9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9691E867-E446-425B-A441-7DB3646A4DBA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9C78AFE9-1156-49AD-9016-A7D9685690E6} - System32\Tasks\{2EE708D3-AF0B-40B6-B84A-40E122817F95} => pcalua.exe -a "E:\Dropbox\GLH Download\Quickbooks\QB Pro 2013 R11\QuickBooksPro2013.exe" -d "E:\Dropbox\GLH Download\Quickbooks\QB Pro 2013 R11"
Task: {A05FDA29-9558-4679-80FB-B80444214EB1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {ABEC5067-563A-47D6-B689-0F650A15BF9A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {B032B24A-FD04-490E-BF8F-994CCDA15F61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-21] (Adobe Systems Incorporated)
Task: {B849B5BC-D88D-41C9-94ED-3D131EA119F9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {BB285A88-CE86-41E8-B079-DA7C726227C5} - System32\Tasks\G2MUpdateTask-S-1-5-21-1582027158-3427342393-2586192252-1001 => C:\Users\garyh\AppData\Local\Citrix\GoToMeeting\4800\g2mupdate.exe [2016-04-14] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {C1C40053-ED42-42EC-BFC3-661385B47A8E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {C23416C8-9F9D-4AE1-B15E-A396612BD210} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)
Task: {C833DCAE-33AC-43BF-BE50-B257C078880E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23] (Google Inc.)
Task: {C9A57C46-374F-44B4-B0F6-BE356E11189A} - System32\Tasks\G2MUploadTask-S-1-5-21-1582027158-3427342393-2586192252-1001 => C:\Users\garyh\AppData\Local\Citrix\GoToMeeting\4800\g2mupload.exe [2016-04-14] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {CFCBA3A2-5B16-495D-B23D-0EEBECB80122} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D09D6C48-4606-484E-8B36-5A8996D99EB6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {D2522F8D-341B-4616-AC03-52F7B724D609} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2016-04-11] (Siber Systems)
Task: {E2CCC9A0-B087-4DE2-A3B3-4AE5E6FE21B4} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {E6914100-4127-4247-AA70-505F830E19DC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)
Task: {EB2C04BC-793E-4A86-B6D6-17D7F45F4A1F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F1961095-2E7F-4A26-9C99-DE0D1F04FAA3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {F1B2935D-C89E-44F3-A426-40A1844D3C8C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {F1C9BA7D-4928-4BD5-A0AA-1C28C96BE954} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F258A9D3-A55D-41A3-B410-01AB24B32055} - System32\Tasks\{80489BCB-EE3D-4BE7-8EC5-3FF208178E34} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "E:\Program Files (x86)\LifeScan\OneTouch\Bin\OneTouch.exe"
Task: {F638E72F-3482-4DF7-A67E-54884BA4D375} - System32\Tasks\{A4A3037D-6915-4CFA-B777-F2345A305136} => E:\Program Files (x86)\LifeScan\OneTouch\Bin\OneTouch.exe [2010-10-29] (Lifescan, Inc.)
Task: {F9C68FEA-3FBF-4541-8604-D8D0330B2306} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001Core => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FA507CC4-B915-47CD-BA6B-31892EB28757} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {FCA8C2E3-D6B7-4BBF-8791-F64EF14FFDB7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe

glhglh · Apr 15, 2016

Next 46000 characters of Addition.txt:

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1582027158-3427342393-2586192252-1001.job => C:\Users\garyh\AppData\Local\Citrix\GoToMeeting\4800\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1582027158-3427342393-2586192252-1001.job => C:\Users\garyh\AppData\Local\Citrix\GoToMeeting\4800\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001Core.job => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001UA.job => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 00:17 - 2015-10-30 00:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 00:18 - 2015-10-30 00:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-16 18:34 - 2015-08-06 17:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-16 03:13 - 2013-10-16 03:13 - 00457960 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
2014-01-22 02:04 - 2014-01-22 02:04 - 00022760 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
2016-02-24 14:26 - 2016-02-28 00:41 - 00171720 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2014-10-23 07:12 - 2014-10-23 07:12 - 00032784 _____ () e:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 06:45 - 2015-10-13 06:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-16 03:02 - 2013-10-16 03:02 - 00535784 _____ () E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe
2016-04-12 12:40 - 2016-03-29 03:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 12:40 - 2016-03-29 03:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2012-07-05 20:47 - 2012-07-05 20:47 - 00185488 _____ () C:\Program Files\Roxio\Roxio Burn\RB_ContextMenu64.dll
2016-04-12 12:39 - 2016-04-01 19:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-10-16 03:03 - 2013-10-16 03:03 - 01723624 _____ () E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\Roxio Burn.exe
2015-12-17 20:01 - 2015-12-06 21:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-12 12:39 - 2016-04-01 20:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-12 12:40 - 2016-04-01 20:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-12 12:40 - 2016-04-01 19:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-12 12:40 - 2016-04-01 20:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-06 09:41 - 2016-01-06 09:41 - 00062168 _____ () E:\Program Files\CCleaner\branding.dll
2014-01-22 02:04 - 2014-01-22 02:04 - 03322600 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BEngine.dll
2014-01-22 02:04 - 2014-01-22 02:04 - 00108776 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\Logging.dll
2014-01-22 02:04 - 2014-01-22 02:04 - 00524520 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\TRREngine.dll
2013-10-16 03:02 - 2013-10-16 03:02 - 00679144 _____ () E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\BBEngineAS.dll
2012-05-22 20:01 - 2012-05-22 20:01 - 00723600 _____ () E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\AS_Archive.dll
2014-12-11 18:40 - 2014-12-11 18:40 - 40622592 ____R () E:\Program Files (x86)\Fitbit Connect\libcef.dll
2015-11-19 18:00 - 2016-03-21 14:50 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-04-08 12:32 - 2016-03-21 14:51 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-04-08 12:32 - 2016-03-21 14:50 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-11-19 18:00 - 2016-03-21 14:50 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-11-19 18:00 - 2016-03-21 14:50 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-11-19 18:00 - 2016-04-08 11:20 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-04-08 12:32 - 2016-03-21 14:50 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-11-19 18:00 - 2016-04-08 11:20 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-11-19 18:00 - 2016-03-21 14:50 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-04-08 12:32 - 2016-04-08 11:19 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-11-19 18:00 - 2016-03-21 14:51 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-04-08 12:32 - 2016-04-08 11:19 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-04-08 12:32 - 2016-04-08 11:19 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-11-19 18:00 - 2016-04-08 11:20 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-08 12:32 - 2016-04-08 11:19 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-04-08 12:32 - 2016-03-21 14:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-01-21 12:45 - 2016-04-08 11:20 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-04-08 12:32 - 2016-04-08 11:19 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-04-08 12:32 - 2016-04-08 11:19 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-11-19 18:00 - 2016-04-08 11:20 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-11-19 18:00 - 2016-03-21 14:50 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-04-08 12:32 - 2016-03-21 14:50 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-04-08 12:32 - 2016-03-21 14:51 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-04-08 12:32 - 2016-04-08 11:19 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-04-08 12:32 - 2016-03-21 14:52 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-04-08 12:32 - 2016-04-08 11:19 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-04-08 12:32 - 2016-03-11 17:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-04-08 12:32 - 2016-04-08 11:19 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-01-21 12:45 - 2016-04-08 11:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-01-21 12:45 - 2016-04-08 11:20 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-01-21 12:45 - 2016-04-08 11:20 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-01-21 12:45 - 2016-04-08 11:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-04-08 12:32 - 2016-04-08 11:19 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-11-19 18:00 - 2016-03-21 14:52 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-01-21 12:45 - 2016-04-08 11:20 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-04-08 12:32 - 2016-04-08 11:19 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-04-08 12:32 - 2016-04-08 11:20 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-11-19 18:00 - 2016-03-21 14:51 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-04-08 12:32 - 2016-04-08 11:20 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-04-08 12:32 - 2016-04-08 11:20 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-04-08 12:32 - 2016-04-08 11:20 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-04-08 12:32 - 2016-04-08 11:20 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-04-08 12:32 - 2016-04-08 11:20 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-04-08 12:32 - 2016-04-08 11:20 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-04-08 12:32 - 2016-04-08 11:20 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-04-08 12:32 - 2016-04-08 11:20 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-04-08 12:32 - 2016-03-21 14:54 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-04-08 12:32 - 2016-03-21 14:54 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-03-22 19:04 - 2016-04-08 11:20 - 00025928 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2015-11-19 18:00 - 2016-04-08 11:20 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-08 12:32 - 2016-04-08 11:20 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-04-08 12:32 - 2016-04-08 11:20 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-06-14 12:41 - 2016-03-21 14:56 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00028774 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024679 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\c5cce8d16a1bd48692b421dcf46d3396\Util.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00032878 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024701 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00028779 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00020601 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\4461f48e31bde5c56b31b973b773de09\List.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00118918 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00082048 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00020576 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00036964 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\f233f63b6654362865c7577442edb9e3\Win32.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00020590 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00082033 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024676 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00061540 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\e56c61f7248672819579325af3387035\POSIX.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00094334 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\eb138ef0e4282611dbf485a302784646\LibYAML.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00053340 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00184414 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\bd5179a413bc0c4b82eedc22c6cab101\re.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024701 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-4164\93e7e3d6030f426844228042348210cf\Service.dll
2016-02-10 01:27 - 2016-02-10 01:27 - 00269080 _____ () E:\Program Files (x86)\Intuit\QuickBooks 2013\boost_regex-vc90-mt-p-1_33.dll
2016-02-10 01:27 - 2016-02-10 01:27 - 00529176 _____ () E:\Program Files (x86)\Intuit\QuickBooks 2013\BackupLib.dll
2016-02-10 01:28 - 2016-02-10 01:28 - 00021784 _____ () E:\Program Files (x86)\Intuit\QuickBooks 2013\QBCompressor.dll
2016-02-10 01:27 - 2016-02-10 01:27 - 00415512 _____ () E:\Program Files (x86)\Intuit\QuickBooks 2013\FtuEngine.dll
2016-02-10 01:28 - 2016-02-10 01:28 - 00128792 _____ () E:\Program Files (x86)\Intuit\QuickBooks 2013\QBProActiveCore.dll
2016-02-10 01:28 - 2016-02-10 01:28 - 00141592 _____ () E:\Program Files (x86)\Intuit\QuickBooks 2013\QBMAPILibrary.dll
2016-02-09 22:33 - 2016-02-09 22:33 - 00059904 _____ () E:\Program Files (x86)\Intuit\QuickBooks 2013\zlib1.dll
2016-02-10 01:27 - 2016-02-10 01:27 - 00176920 _____ () E:\Program Files (x86)\Intuit\QuickBooks 2013\boost_serialization-vc90-mt-p-1_33.dll
2016-02-10 01:27 - 2016-02-10 01:27 - 00578840 _____ () E:\Program Files (x86)\Intuit\QuickBooks 2013\FeaturesBridge.dll
2016-02-10 01:28 - 2016-02-10 01:28 - 00042776 _____ () E:\Program Files (x86)\Intuit\QuickBooks 2013\mbpopup.dll
2015-06-07 13:00 - 2015-06-07 13:00 - 00088640 _____ () C:\Program Files (x86)\Real\RealPlayer\CrashRpt\CrashRpt1402.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00020576 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00036964 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\f233f63b6654362865c7577442edb9e3\Win32.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024676 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00061540 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\e56c61f7248672819579325af3387035\POSIX.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00020590 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00082033 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00118918 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00082048 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00028779 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00020601 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\4461f48e31bde5c56b31b973b773de09\List.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024681 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\c199d3c1960e7aeeecb599487952bed2\HiRes.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00090213 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\961b0d62fa52b1dd29c795a822fbf1cf\DBI.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024679 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\c5cce8d16a1bd48692b421dcf46d3396\Util.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00077824 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\7f177c338672436e01c4f0bdbcf94491\EV.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00138752 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\44727051c604ef6b79894b64d4c63832\Expat.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00041080 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\2b1fc61b36a6711ea149b18bf3b41500\Parser.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00030720 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\dacfd0ab9b5fd029ed8d29e4482b0775\XS.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00020590 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\fa9e3c814aa32db2ad5f17bdfbc22746\attributes.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024694 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\c344fd5536724b2af2e6453833b60203\SHA1.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00094334 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\eb138ef0e4282611dbf485a302784646\LibYAML.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00053340 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00184414 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\bd5179a413bc0c4b82eedc22c6cab101\re.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00020592 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\b979ace6da01e63d651cce9ee2474fdc\Name.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00028774 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00182272 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\d0bf009923f29116535c26d228271d6d\Scan.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024672 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\17d0b152e63e6bfe81b4b19588538896\mro.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00020596 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\3b7106dd14676048b10bbb09a990f74c\XS.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00032878 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024695 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\cf5fe81e2f5dcbfecfd0495e1648c991\Unicode.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024670 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\3a8764e0d7c5d453e01d9ad08cf7fb58\IO.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00361472 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\aff7ee779ea184f884ed432c30a58f5d\Scale.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024701 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00061546 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\4f2c03383aab0133b8dc0a3fa2dd92fa\Storable.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00110705 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\7f2598c08178217a0e2c754f3d568f28\Byte.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00024679 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\c19d5e3dc664d9f4ce700001e2621cee\MD5.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00608256 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\e2e81dd6b3e5a36f0bdae076393cc11d\SQLite.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00001024 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\e2e81dd6b3e5a36f0bdae076393cc11d\icudt46.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00020596 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\d1c77e404b5c4b954fa537ed63c8fb7b\File.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00030208 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\0665c25e931c1ac0151b062449e91028\XSAccessor.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00020587 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\c668a322917d32a5ea22894518aa9897\Base64.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 04547584 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\38a10ee333cf1a9afec3f0acdf1bbebc\Scan.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00017920 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\8fedeb86a4a984edfc1fb255d4ea965c\XS.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00061547 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\bc147d83c7c868eeee67082dcf55430c\File.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00032881 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\b6bd87c968599725b8ab2e5c25d3046a\API.dll
2016-04-15 12:27 - 2016-04-15 12:27 - 00098415 ____R () C:\Users\garyh\AppData\Local\Temp\pdk-garyh-8528\19febd96672ffdb7ea244cef36aaa062\Zlib.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\sharepoint.com -> hxxps://nwgroup.sharepoint.com
IE restricted site: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\about.com -> hxxp://index.about.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\garyh\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\853_10151767637662483_491472491_n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{16A020ED-EA20-4080-B50C-EE38AA182C8F}] => (Allow) LPort=31931
FirewallRules: [{561324C3-C6F2-4506-A2A0-6E63CB357B7A}] => (Allow) LPort=14714
FirewallRules: [{FDEC156F-53BA-4CB9-B1F6-3CE45F493F56}] => (Allow) LPort=12972
FirewallRules: [{F8A1F1D9-14BB-42C0-88D1-ACDC4FDAED04}] => (Allow) E:\Program Files (x86)\Audials\Audials 2016\Audials.exe
FirewallRules: [UDP Query User{A677FBD9-7B90-4329-9573-F5F53E6C848F}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [TCP Query User{B7139463-D604-47F9-9D2A-C1A87D0EAEA0}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{D6CAEBFC-6B35-4B05-BD53-E136DDB0BDE8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{76DF4009-D834-46B0-BA7E-872CDE355E7A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F9BFF867-180A-4C2D-88CE-5C6E0AB51F36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FDC30CD0-757A-4369-8359-00C9628A63E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9BA983CD-6637-4F9B-9579-BC17A1E4759B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{B6FBB69C-812A-480A-8415-42E7CC29B864}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{CEB5C53F-8C1B-40F3-B73D-F4738A688C5A}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{FFDF3704-F410-403D-91D5-154616B6BBB1}] => (Allow) e:\Program Files (x86)\Squeezebox\server\SqueezeSvr.exe
FirewallRules: [{95CDBD1E-09D5-4268-9BC6-BB98BD681179}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\bin\FaxApplications.exe
FirewallRules: [{60B92B18-E7B6-46BD-BA8B-DFDDF0CD3E6C}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\bin\DigitalWizards.exe
FirewallRules: [{17B1384C-A6B7-422C-B7F2-23CF0E840F44}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\bin\SendAFax.exe
FirewallRules: [{8D294351-5AB1-4BDA-AFB5-27CDC95D2510}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\DeviceSetup.exe
FirewallRules: [{0B97616B-F131-4F0E-8345-02C1939EDE1D}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{682E5AD5-9CE3-4709-A3F4-5E248C20C938}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{22877C1F-F472-4282-BDD7-C472CF529CE8}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{C03DB45F-5A17-48F1-A376-48ED57899835}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [TCP Query User{C4133629-E94B-4D97-917C-D1383EC2C98D}E:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) E:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{F69B742A-850C-40C5-B4F5-9C2362F0D591}E:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) E:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [TCP Query User{3CC0AA5C-495E-4840-89F7-F4E64FFD37DA}E:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) E:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{3FEA5E21-6EEE-45CA-8D76-CEE51EDC48C6}E:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) E:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{412A587B-0CC5-44C2-A3A0-11677CA44B2D}] => (Allow) E:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5A87A198-75E9-4BBA-A073-961A5D324A23}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{7B9DC21E-AF49-4964-A94B-5AE0E7C5AB0C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0050F977-F02A-4541-8D08-8C49E53BA114}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{487D3A38-8AB1-48D6-B448-6C1EADCCE593}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{24FBC411-6563-4CA7-BD54-09DBC26F69D4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{BA8F08C5-699A-41B6-979B-B36316F35BCE}E:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Allow) E:\program files (x86)\kakao\kakaotalk\kakaotalk.exe
FirewallRules: [UDP Query User{AE64F0CC-76DD-4A57-8DBC-18053BE56650}E:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Allow) E:\program files (x86)\kakao\kakaotalk\kakaotalk.exe
FirewallRules: [{130E7B21-FFDC-47F6-8BEF-40CFA7391365}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{23F3726E-DB54-473C-892D-0C584D29A483}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{5A904AC0-6D42-4541-8C3E-C7EACC641A02}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{913D4605-ABC1-46AC-B501-7ACD74FCCC1D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{C0C08D55-41B3-4C1E-B186-2E181B6FDC9E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{D289A7E3-D552-42DF-A617-72E3E0962713}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{7D5C9928-DC84-4728-9177-8FAFDD198178}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{3779367F-A744-4F22-9A7B-69D75E3B832A}] => (Allow) c:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI)
DomainProfile\GloballyOpenPorts: [9001:TCP] => Enabled:Logitech Media Server 9001 tcp (UI)
DomainProfile\GloballyOpenPorts: [9002:TCP] => Enabled:Logitech Media Server 9002 tcp (UI)
DomainProfile\GloballyOpenPorts: [9003:TCP] => Enabled:Logitech Media Server 9003 tcp (UI)
DomainProfile\GloballyOpenPorts: [9004:TCP] => Enabled:Logitech Media Server 9004 tcp (UI)
DomainProfile\GloballyOpenPorts: [9005:TCP] => Enabled:Logitech Media Server 9005 tcp (UI)
DomainProfile\GloballyOpenPorts: [9006:TCP] => Enabled:Logitech Media Server 9006 tcp (UI)
DomainProfile\GloballyOpenPorts: [9007:TCP] => Enabled:Logitech Media Server 9007 tcp (UI)
DomainProfile\GloballyOpenPorts: [9008:TCP] => Enabled:Logitech Media Server 9008 tcp (UI)
DomainProfile\GloballyOpenPorts: [9009:TCP] => Enabled:Logitech Media Server 9009 tcp (UI)
DomainProfile\GloballyOpenPorts: [9010:TCP] => Enabled:Logitech Media Server 9010 tcp (UI)
DomainProfile\GloballyOpenPorts: [9100:TCP] => Enabled:Logitech Media Server 9100 tcp (UI)
DomainProfile\GloballyOpenPorts: [8000:TCP] => Enabled:Logitech Media Server 8000 tcp (UI)
DomainProfile\GloballyOpenPorts: [10000:TCP] => Enabled:Logitech Media Server 10000 tcp (UI)
DomainProfile\GloballyOpenPorts: [9090:TCP] => Enabled:Logitech Media Server 9090 tcp (UI)
DomainProfile\GloballyOpenPorts: [3483:UDP] => Enabled:Logitech Media Server 3483 udp
DomainProfile\GloballyOpenPorts: [3483:TCP] => Enabled:Logitech Media Server 3483 tcp
StandardProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI)
StandardProfile\GloballyOpenPorts: [9001:TCP] => Enabled:Logitech Media Server 9001 tcp (UI)
StandardProfile\GloballyOpenPorts: [9002:TCP] => Enabled:Logitech Media Server 9002 tcp (UI)
StandardProfile\GloballyOpenPorts: [9003:TCP] => Enabled:Logitech Media Server 9003 tcp (UI)
StandardProfile\GloballyOpenPorts: [9004:TCP] => Enabled:Logitech Media Server 9004 tcp (UI)
StandardProfile\GloballyOpenPorts: [9005:TCP] => Enabled:Logitech Media Server 9005 tcp (UI)
StandardProfile\GloballyOpenPorts: [9006:TCP] => Enabled:Logitech Media Server 9006 tcp (UI)
StandardProfile\GloballyOpenPorts: [9007:TCP] => Enabled:Logitech Media Server 9007 tcp (UI)
StandardProfile\GloballyOpenPorts: [9008:TCP] => Enabled:Logitech Media Server 9008 tcp (UI)
StandardProfile\GloballyOpenPorts: [9009:TCP] => Enabled:Logitech Media Server 9009 tcp (UI)
StandardProfile\GloballyOpenPorts: [9010:TCP] => Enabled:Logitech Media Server 9010 tcp (UI)
StandardProfile\GloballyOpenPorts: [9100:TCP] => Enabled:Logitech Media Server 9100 tcp (UI)
StandardProfile\GloballyOpenPorts: [8000:TCP] => Enabled:Logitech Media Server 8000 tcp (UI)
StandardProfile\GloballyOpenPorts: [10000:TCP] => Enabled:Logitech Media Server 10000 tcp (UI)
StandardProfile\GloballyOpenPorts: [9090:TCP] => Enabled:Logitech Media Server 9090 tcp (UI)
StandardProfile\GloballyOpenPorts: [3483:UDP] => Enabled:Logitech Media Server 3483 udp
StandardProfile\GloballyOpenPorts: [3483:TCP] => Enabled:Logitech Media Server 3483 tcp

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2016 01:01:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: Windows.UI.dll, version: 10.0.10586.122, time stamp: 0x56cc129c
Exception code: 0xc000041d
Fault offset: 0x0000000000022bcf
Faulting process id: 0x1bcc
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (04/15/2016 01:01:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10586.20, time stamp: 0x56540c35
Faulting module name: Windows.UI.dll, version: 10.0.10586.122, time stamp: 0x56cc129c
Exception code: 0xc0000005
Fault offset: 0x0000000000022bcf
Faulting process id: 0x1bcc
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (04/15/2016 12:37:46 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: GLH-DESKTOP-I7)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.

Error: (04/14/2016 11:10:18 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (04/13/2016 11:10:18 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (04/12/2016 11:10:21 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (04/11/2016 11:10:18 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (04/11/2016 09:27:28 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (04/10/2016 11:10:18 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (04/09/2016 11:10:18 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

System errors:
=============
Error: (04/15/2016 12:24:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
%%1058

Error: (04/15/2016 12:23:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_68be6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/15/2016 12:23:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_68be6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/15/2016 12:23:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_68be6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/15/2016 12:23:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_68be6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/12/2016 07:57:11 AM) (Source: DCOM) (EventID: 10010) (User: GLH-DESKTOP-I7)
Description: Cortana.ActionUris.ActionUri

Error: (04/11/2016 09:25:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
%%1058

Error: (04/11/2016 09:24:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_5638b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/11/2016 09:24:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_5638b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/11/2016 09:24:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_5638b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

CodeIntegrity:
===================================
Date: 2016-04-15 12:31:56.071
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-15 12:31:56.061
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-15 12:31:55.929
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-15 12:31:55.915
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-15 12:31:55.898
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-15 12:31:55.774
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-15 12:31:55.764
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-15 12:31:55.751
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-15 12:24:54.802
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-15 09:46:17.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 17%
Total physical RAM: 16322.37 MB
Available physical RAM: 13534.06 MB
Total Virtual: 32706.37 MB
Available Virtual: 29962.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:55.44 GB) NTFS
Drive d: (TurboTax 2015) (CDROM) (Total:0.14 GB) (Free:0 GB) CDFS
Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:439.54 GB) NTFS
Drive f: (Shared Media Backup) (Fixed) (Total:465.76 GB) (Free:71.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5D226E4A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 23D9CB80)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

any anomalies?

Broni · Apr 15, 2016

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==================================

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
Otherwise just double-click on RogueKiller.exe
Pre-scan will start. Let it finish.
Click on SCAN button.
Wait until the Status box shows Scan Finished
Click on Delete.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.
If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

If you already have MBAM 2.0 installed:

On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Export'.
Click 'Text file (*.txt)'
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named 'File Saved' should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Scan button.
When the scan has finished click on Clean button.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

glhglh · Apr 17, 2016

Broni, Long time...

Part 1

RKreport.txt:

RogueKiller V12.1.2.0 [Apr 11 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.10586) 64 bits version
Started in : Normal mode
User : garyh [Administrator]
Started from : C:\Users\garyh\Desktop\Virus\RogueKiller.exe
Mode : Delete -- Date : 04/17/2016 14:20:29

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1582027158-3427342393-2586192252-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.nytimes.com/ -> Not selected
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1582027158-3427342393-2586192252-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.nytimes.com/ -> Not selected
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1582027158-3427342393-2586192252-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Not selected
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1582027158-3427342393-2586192252-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Not selected

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -- C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Scan -ScheduleJob -RestrictPrivileges) -> Not selected

¤¤¤ Files : 1 ¤¤¤
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F} -> Removed at reboot [91]
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\12A35B2A\8488E27\OleDump.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\12A35B2A\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\12A35B2A -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\198554BF\7F7C7AF4\msvcr100.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\198554BF\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\198554BF -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1A4F7DF8\8488E27\XPBurn.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1A4F7DF8\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1A4F7DF8 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1B460650\8488E27\FTM.Configuration.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1B460650\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1B460650 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1E4E3813\8488E27\PeM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1E4E3813\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1E4E3813 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1E62B67A\8488E27\txkernel.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1E62B67A\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1E62B67A -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1EC98DFA\7F7C7AF4\People.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1EC98DFA\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1EC98DFA -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1EDC403E\7F7C7AF4\txic.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1EDC403E\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1EDC403E -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1F87D15C\8488E27\txtools.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1F87D15C\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\1F87D15C -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\20308316\7F7C7AF4\Sync.Shared.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\20308316\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\20308316 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\21BF327F\7F7C7AF4\MyFamily.FTM.Import.FTW.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\21BF327F\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\21BF327F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\227AE45E\7F7C7AF4\MyFamily.Shared.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\227AE45E\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\227AE45E -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\235F3B27\8488E27\tx19_gif.flt -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\235F3B27\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\235F3B27 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\237BEE48\7F7C7AF4\FTM.Data.DB.Converters.SQLite.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\237BEE48\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\237BEE48 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\24737E4F\8488E27\msvcp100.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\24737E4F\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\24737E4F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\24E9D179\7F7C7AF4\Sync.Manager.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\24E9D179\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\24E9D179 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\25B3B2DE\8488E27\ViewerManager.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\25B3B2DE\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\25B3B2DE -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2623CB8D\7F7C7AF4\FTM.Import.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2623CB8D\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2623CB8D -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\275295BC\7F7C7AF4\FTM.Shared.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\275295BC\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\275295BC -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2A5D3FC8\7F7C7AF4\FTM.Data.DB.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2A5D3FC8\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2A5D3FC8 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2AEA13D7\8488E27\Sync.Composite.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2AEA13D7\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2AEA13D7 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2AF33769\8488E27\Sync.Manager.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2AF33769\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2AF33769 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2B33DAD3\7F7C7AF4\ViewerManagerWrap.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2B33DAD3\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2B33DAD3 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2CC34330\8488E27\FTM.UI.Places.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2CC34330\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2CC34330 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2E185F76\7F7C7AF4\MyFamily.Shared.Data.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2E185F76\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\2E185F76 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\30D4E2F2\7F7C7AF4\tx19_rtf.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\30D4E2F2\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\30D4E2F2 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\31BBD60F\7F7C7AF4\PuM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\31BBD60F\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\31BBD60F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\3212E60\7F7C7AF4\FTM.Data.DB.Converters.DDA.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\3212E60\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\3212E60 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\342277B4\7F7C7AF4\txkernel.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\342277B4\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\342277B4 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\378041C4\7F7C7AF4\SoM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\378041C4\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\378041C4 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\3E3023F6\8488E27\tx19_xml.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\3E3023F6\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\3E3023F6 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\3EF1A640\8488E27\Sync.Data.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\3EF1A640\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\3EF1A640 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\434A715F\8488E27\Common.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\434A715F\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\434A715F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\479F8065\8488E27\FTM.Data.DB.DDA.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\479F8065\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\479F8065 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\4814E03B\7F7C7AF4\txpdf.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\4814E03B\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\4814E03B -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\49156AB2\8488E27\People.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\49156AB2\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\49156AB2 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\4A0F8E8B\7F7C7AF4\tx19_jpg.flt -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\4A0F8E8B\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\4A0F8E8B -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\4AE7F936\8488E27\Sync.Media.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\4AE7F936\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\4AE7F936 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\4C92F13A\8488E27\FTM.Data.DB.Converters.DDA.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\4C92F13A\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\4C92F13A -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\508164EB\7F7C7AF4\tx19_dox.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\508164EB\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\508164EB -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\50B739C5\7F7C7AF4\tx19_doc.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\50B739C5\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\50B739C5 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\529091F6\8488E27\ReM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\529091F6\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\529091F6 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\537DB77C\8488E27\MeM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\537DB77C\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\537DB77C -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\560C9D2\7F7C7AF4\PluginModule.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\560C9D2\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\560C9D2 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\582B3704\8488E27\tx19_pdf.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\582B3704\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\582B3704 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\59A8C9E\8488E27\Connectivity.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\59A8C9E\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\59A8C9E -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\59DA313C\8488E27\tx19_rtf.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\59DA313C\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\59DA313C -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\5C5A8381\7F7C7AF4\Media.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\5C5A8381\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\5C5A8381 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\5CE8A07\7F7C7AF4\Sync.Mapping.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\5CE8A07\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\5CE8A07 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6078611E\7F7C7AF4\Sync.Data.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6078611E\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6078611E -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\60E24946\8488E27\SoM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\60E24946\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\60E24946 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\62C78A20\8488E27\txic.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\62C78A20\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\62C78A20 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\68715F14\7F7C7AF4\txtools.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\68715F14\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\68715F14 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\69CCD2E2\7F7C7AF4\tx19_tif.flt -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\69CCD2E2\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\69CCD2E2 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6AF1EE03\8488E27\Sync.Manager.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6AF1EE03\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6AF1EE03 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6B9A4717\8488E27\MyFamily.FTM.Import.FTW.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6B9A4717\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6B9A4717 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6EE2EE84\8488E27\FTM.Data.DB.SQLite.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6EE2EE84\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6EE2EE84 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6F69503F\7F7C7AF4\FTM.Import.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6F69503F\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6F69503F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6F94C4A2\8488E27\Library.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6F94C4A2\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\6F94C4A2 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\70361D8D\7F7C7AF4\FTM.Data.DB.SQLite.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\70361D8D\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\70361D8D -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\712D61F8\7F7C7AF4\FTM.Services.Data.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\712D61F8\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\712D61F8 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7182199\8488E27\tx19_dox.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7182199\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7182199 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\72A811ED\7F7C7AF4\Sync.Shared.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\72A811ED\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\72A811ED -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\73DD832C\7F7C7AF4\PeM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\73DD832C\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\73DD832C -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\75B6878B\7F7C7AF4\tx19_pdf.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\75B6878B\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\75B6878B -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\76286599\7F7C7AF4\Sync.Media.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\76286599\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\76286599 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7A0C9661\8488E27\FTM.Services.Shared.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7A0C9661\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7A0C9661 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7A7B7E7D\7F7C7AF4\InLib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7A7B7E7D\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7A7B7E7D -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7CBAFBBF\7F7C7AF4\Sync.Mapping.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7CBAFBBF\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7CBAFBBF -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7DAA7EA5\7F7C7AF4\ImportHelperLib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7DAA7EA5\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\7DAA7EA5 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\804D8318\7F7C7AF4\WebServiceProxies.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\804D8318\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\804D8318 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\835A50EE\8488E27\Media.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\835A50EE\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\835A50EE -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\84209961\7F7C7AF4\Connectivity.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\84209961\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\84209961 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\871A6983\8488E27\MyFamily.Shared.Data.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\871A6983\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\871A6983 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\887F91C4\8488E27\tx19_doc.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\887F91C4\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\887F91C4 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\88D3F619\8488E27\PluginModule.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\88D3F619\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\88D3F619 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\8914A90C\7F7C7AF4\AutoBackupProcess.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\8914A90C\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\8914A90C -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\8ABDD44F\7F7C7AF4\Sync.Composite.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\8ABDD44F\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\8ABDD44F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\912B9B5F\8488E27\txpdf.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\912B9B5F\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\912B9B5F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\915F58B5\8488E27\FTM.Data.DB.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\915F58B5\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\915F58B5 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\93E50967\8488E27\SyncErrorReporter.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\93E50967\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\93E50967 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\951C9513\8488E27\msvcr100.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\951C9513\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\951C9513 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\952AD02E\8488E27\Sync.Media.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\952AD02E\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\952AD02E -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\968E06EF\8488E27\ViewerManagerWrap.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\968E06EF\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\968E06EF -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9C608CE2\8488E27\FTM.Import.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9C608CE2\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9C608CE2 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9CC3C907\8488E27\Sync.Mapping.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9CC3C907\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9CC3C907 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9D4E1BD\7F7C7AF4\PlcM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9D4E1BD\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9D4E1BD -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9EE0516B\8488E27\Convert.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9EE0516B\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9EE0516B -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9F716EA2\7F7C7AF4\SU.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9F716EA2\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\9F716EA2 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A05DF093\7F7C7AF4\tx19_bmp.flt -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A05DF093\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A05DF093 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A1334826\8488E27\Sync.Data.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A1334826\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A1334826 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A42996E5\7F7C7AF4\OleDump.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A42996E5\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A42996E5 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A5479FA5\7F7C7AF4\Common.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A5479FA5\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A5479FA5 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A5EFB9FE\7F7C7AF4\Sync.Media.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A5EFB9FE\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A5EFB9FE -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A60C9B67\7F7C7AF4\SyncErrorReporter.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A60C9B67\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A60C9B67 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A69FA66E\7F7C7AF4\Convert.exe.config -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A69FA66E\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A69FA66E -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A89DFC78\8488E27\PlM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A89DFC78\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A89DFC78 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A964E79B\7F7C7AF4\FTM.Configuration.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A964E79B\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\A964E79B -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\AA0143A5\8488E27\tx19_jpg.flt -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\AA0143A5\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\AA0143A5 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B08F7227\8488E27\tx19_ic.ini -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B08F7227\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B08F7227 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B232B1D5\7F7C7AF4\PlM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B232B1D5\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B232B1D5 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B4D9460F\7F7C7AF4\Library.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B4D9460F\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B4D9460F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B51FE034\7F7C7AF4\tx19_htm.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B51FE034\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B51FE034 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B5876E6B\7F7C7AF4\XPBurn.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B5876E6B\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B5876E6B -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B7AEF3D3\8488E27\FTM.Shared.Controls.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B7AEF3D3\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B7AEF3D3 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B89EA108\8488E27\MyFamily.Shared.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B89EA108\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\B89EA108 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\BA928131\8488E27\ImportHelper.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\BA928131\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\BA928131 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\BC931239\7F7C7AF4\msvcp100.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\BC931239\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\BC931239 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\BD32D427\7F7C7AF4\ViewerManager.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\BD32D427\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\BD32D427 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C0AEA065\7F7C7AF4\Sync.Manager.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C0AEA065\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C0AEA065 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C162D8DB\8488E27\FTM.Data.DB.Converters.SQLite.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C162D8DB\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C162D8DB -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C2E9CFFA\7F7C7AF4\FTM.Charting.Shared.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C2E9CFFA\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C2E9CFFA -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C2F0161F\7F7C7AF4\ReM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C2F0161F\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C2F0161F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C4D76DEA\7F7C7AF4\tx19_css.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C4D76DEA\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C4D76DEA -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C6F61391\8488E27\FTM.Shared.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C6F61391\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C6F61391 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C71BFB7D\7F7C7AF4\FTM.UI.Places.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C71BFB7D\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C71BFB7D -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C78C02E0\8488E27\tx19_bmp.flt -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C78C02E0\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C78C02E0 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C9F3FD06\8488E27\tx19_css.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C9F3FD06\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\C9F3FD06 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\CA8BDD20\7F7C7AF4\tx19_ic.ini -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\CA8BDD20\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\CA8BDD20 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\CA966B89\8488E27\tx19_png.flt -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\CA966B89\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\CA966B89 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\CC7ED843\8488E27\InLib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\CC7ED843\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\CC7ED843 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D098F817\7F7C7AF4\Convert.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D098F817\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D098F817 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D1AE63BE\8488E27\ImportHelperLib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D1AE63BE\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D1AE63BE -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D1C2C7FB\8488E27\FTM.Charting.Shared.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D1C2C7FB\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D1C2C7FB -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D22A61D1\8488E27\FTM.Services.Contracts.dll -> Deleted

glhglh · Apr 17, 2016

Continued: Part 2
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D22A61D1\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D22A61D1 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D236C2E0\8488E27\Sync.Composite.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D236C2E0\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D236C2E0 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D3C8A63F\8488E27\FTM.Services.Data.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D3C8A63F\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D3C8A63F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D4910CDF\7F7C7AF4\tx19_png.flt -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D4910CDF\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D4910CDF -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D5C704A7\7F7C7AF4\ImportHelper.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D5C704A7\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D5C704A7 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D8031EDE\7F7C7AF4\Sources.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D8031EDE\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\D8031EDE -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\DE05789F\8488E27\Sync.Mapping.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\DE05789F\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\DE05789F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E0871BB6\7F7C7AF4\FTM.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E0871BB6\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E0871BB6 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E162B2D5\8488E27\tx19_tif.flt -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E162B2D5\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E162B2D5 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E1C493E4\7F7C7AF4\FTM.Import.FTW.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E1C493E4\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E1C493E4 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E220F829\7F7C7AF4\Sync.Composite.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E220F829\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E220F829 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E308FC9B\8488E27\Convert.exe.config -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E308FC9B\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E308FC9B -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E449AA6\7F7C7AF4\Sync.Data.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E449AA6\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E449AA6 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E60039B9\8488E27\PlcM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E60039B9\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E60039B9 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E742A0F7\8488E27\tx19_htm.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E742A0F7\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E742A0F7 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E9C430CA\8488E27\FTM.Data.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E9C430CA\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E9C430CA -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E9DE6A83\8488E27\SU.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E9DE6A83\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\E9DE6A83 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EA10B5B0\7F7C7AF4\FTM.Data.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EA10B5B0\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EA10B5B0 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EC0905F\8488E27\FTM.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EC0905F\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EC0905F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EED114FD\8488E27\Sync.Shared.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EED114FD\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EED114FD -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EF2A3E9A\8488E27\PuM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EF2A3E9A\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EF2A3E9A -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EF3D7CA9\7F7C7AF4\FTM.Data.DB.DDA.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EF3D7CA9\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\EF3D7CA9 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F0FC929A\8488E27\AutoBackupProcess.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F0FC929A\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F0FC929A -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F2101253\7F7C7AF4\FTM.Shared.Controls.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F2101253\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F2101253 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F2665DD7\7F7C7AF4\FTM.Services.Contracts.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F2665DD7\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F2665DD7 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F274A20D\7F7C7AF4\FTM.Services.Shared.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F274A20D\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F274A20D -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F331F7E1\7F7C7AF4\tx19_xml.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F331F7E1\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F331F7E1 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F7E84436\8488E27\FTM.Import.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F7E84436\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F7E84436 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F81B9620\7F7C7AF4\tx19_gif.flt -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F81B9620\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F81B9620 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F9DD3A5\8488E27\FTM.Import.FTW.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F9DD3A5\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\F9DD3A5 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\FD770A6F\8488E27\WebServiceProxies.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\FD770A6F\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\FD770A6F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\FE7C6125\8488E27\Sources.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\FE7C6125\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\FE7C6125 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\FEB0C710\8488E27\Sync.Shared.pdb -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\FEB0C710\8488E27 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\FEB0C710 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\FF1064EE\7F7C7AF4\MeM.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\FF1064EE\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\FF1064EE -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files\{3F06E471-FD45-4DB4-83A5-E68D149EA29F} -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Files -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\129DD14A\7F7C7AF4\gbfunc.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\129DD14A\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\129DD14A -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\1B4896C9\7F7C7AF4\VisioForge_MFP.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\1B4896C9\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\1B4896C9 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\1C4093E4\7F7C7AF4\VistaDB20.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\1C4093E4\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\1C4093E4 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\22DB37B7\7F7C7AF4\artpschd.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\22DB37B7\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\22DB37B7 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\23E7CDA0\7F7C7AF4\GdPicture.NET.9.image.gdimgplug.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\23E7CDA0\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\23E7CDA0 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2860CCC7\7F7C7AF4\Telerik.WinControls.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2860CCC7\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2860CCC7 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2DAD1F17\7F7C7AF4\libmfxsw64.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2DAD1F17\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2DAD1F17 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2E10D7AF\7F7C7AF4\Microsoft.Practices.EnterpriseLibrary.Security.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2E10D7AF\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2E10D7AF -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2E9E76C3\7F7C7AF4\AxWMPLib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2E9E76C3\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2E9E76C3 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2F2DA4C9\7F7C7AF4\WIALib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2F2DA4C9\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\2F2DA4C9 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\34C150D3\7F7C7AF4\DevExpress.XtraPivotGrid.v12.2.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\34C150D3\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\34C150D3 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\366A95B\7F7C7AF4\DevExpress.Office.v12.2.Core.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\366A95B\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\366A95B -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\36EFE802\7F7C7AF4\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\36EFE802\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\36EFE802 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\36F86C4F\7F7C7AF4\Microsoft.Practices.EnterpriseLibrary.Logging.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\36F86C4F\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\36F86C4F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\37DAE862\7F7C7AF4\CABARC.EXE -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\37DAE862\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\37DAE862 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\38A81450\427CCCA1\Ftmb.ico -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\38A81450\427CCCA1 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\38A81450 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\408A39D8\7F7C7AF4\ICSharpCode.SharpZipLib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\408A39D8\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\408A39D8 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\412C763D\8E0292FC\de-DE.dic -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\412C763D\8E0292FC\en-AU.dic -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\412C763D\8E0292FC\en-CA.dic -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\412C763D\8E0292FC\en-GB.dic -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\412C763D\8E0292FC\en-US.dic -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\412C763D\8E0292FC\es-ES.dic -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\412C763D\8E0292FC\es-MX.dic -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\412C763D\8E0292FC\fr-FR.dic -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\412C763D\8E0292FC\it-IT.dic -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\412C763D\8E0292FC -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\412C763D -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\41385C5C\7F7C7AF4\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\41385C5C\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\41385C5C -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\450532B\7F7C7AF4\Augmentation.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\450532B\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\450532B -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\463DB139\544D5A49\SQLite.Interop.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\463DB139\544D5A49 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\463DB139 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Fall tree.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Leaves.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Tree (landscape).jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Tree Black & White.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Tree Branches.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Tree Canvas.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Tree Canvas2.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Tree Canvas3.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Tree in Mist.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Tree Stark.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Tree.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Tree_2 (landscape).jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9\Tree_2.jpg -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\415267F9 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\African American Heros.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Auto Industry.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Car Mechanic.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Career Construction.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Career Logger.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Career Miner.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Career Railroad.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Career Rancher.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Career Steelworker.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Career Textile Worker.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Children Workers.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Civilian Conservation Corp.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Korean War.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Land Rush.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D\Woman Military 2.jpg -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\74409C1D -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\7D6ED671\Fall Leaves.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\7D6ED671\Flowered Pattern.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\7D6ED671\Swirl Blue.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\7D6ED671\Swirl Tan.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\7D6ED671\Swirls.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\7D6ED671\Waves.jpg -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\7D6ED671 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\9DE304C9\Mothers Day1.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\9DE304C9\Mothers Day2.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\9DE304C9\Mothers Day3.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\9DE304C9\Tapestry Fabric.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\9DE304C9\Tapestry Flower Blue.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\9DE304C9\Tapestry Flower Green.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\9DE304C9\Tapestry Flower Grey.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\9DE304C9\Tapestry Vine Green.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\9DE304C9\Tapestry Vine Tan.jpg -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\9DE304C9 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711\Canvas Blue & Tan.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711\Canvas Light.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711\Cloud.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711\fancy.bmp -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711\fancy_bk.bmp -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711\Old Map (landscape).jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711\Old Map.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711\Old Paper.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711\Old Parchment (landscape).jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711\Olive.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711\Parchment (tile).bmp -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711\Parchment.jpg -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\B727711 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\Arch de Triomphe .jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\Aspens (landscape).jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\City Square.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\Eiffel Tower.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\European Villiage (landscape).jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\Mountain (landscape).jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\Mountain Top (landscape).jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\Nature (landscape).jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\Pond.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\River (landscape).jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\Road (landscape).jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\ship.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566\Stream (landscape).jpg -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\D4046566 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\DEA9B967\Nature Camping.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\DEA9B967\Nature Climbing.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\DEA9B967\Nature Fishing.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\DEA9B967\Nature Hiking.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\DEA9B967\Nature Hiking2.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\DEA9B967\Nature Hunting.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\DEA9B967\Nature Rock Face.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\DEA9B967\Nature Straw.jpg -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\DEA9B967\Nature Tree Bark.jpg -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321\DEA9B967 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\498F3321 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\4A0C2876\7F7C7AF4\GdPicture.NET.9.filters.64.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\4A0C2876\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\4A0C2876 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\4B74272\7F7C7AF4\DevExpress.RichEdit.v12.2.Core.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\4B74272\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\4B74272 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\4C2DD70F\7F7C7AF4\DevExpress.Charts.v12.2.Core.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\4C2DD70F\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\4C2DD70F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\4CE218AC\7F7C7AF4\GdPicture.NET.9.filters.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\4CE218AC\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\4CE218AC -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\511C4573\7F7C7AF4\System.Data.SQLite.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\511C4573\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\511C4573 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\5C22A6E5\427CCCA1\CompanionGuide.pdf -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\5C22A6E5\427CCCA1 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\5C22A6E5 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\62281E3A\427CCCA1\HighVideo.prx -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\62281E3A\427CCCA1 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\62281E3A -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\651D05E4\7F7C7AF4\RecordLinkingFramework.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\651D05E4\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\651D05E4 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6A1F213A\7F7C7AF4\WMPLib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6A1F213A\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6A1F213A -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6A671D2C\7F7C7AF4\VisioForge.Shared.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6A671D2C\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6A671D2C -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B1FFE1E\84BEBD0F\Autumn.ftmt -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B1FFE1E\84BEBD0F\BlueMountainGradient.ftmt -> Deleted

glhglh · Apr 17, 2016

Continued: Part 3

[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B1FFE1E\84BEBD0F\Landscape_Mountain.ftmt -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B1FFE1E\84BEBD0F\Landscape_Tree_Dark_Transparent.ftmt -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B1FFE1E\84BEBD0F\Light_Tree.ftmt -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B1FFE1E\84BEBD0F\Simple-Bold.ftmt -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B1FFE1E\84BEBD0F\Simple-Elegant.ftmt -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B1FFE1E\84BEBD0F\Simple-Portrait.ftmt -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B1FFE1E\84BEBD0F\Simple-Scenic.ftmt -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B1FFE1E\84BEBD0F -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B1FFE1E -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B5AE03C\7F7C7AF4\VisioForge.Types.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B5AE03C\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6B5AE03C -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6C85B6F7\7F7C7AF4\TXTextControl.Windows.Forms.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6C85B6F7\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6C85B6F7 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6C87DE0F\7F7C7AF4\DevExpress.XtraBars.v12.2.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6C87DE0F\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6C87DE0F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6D68149\7F7C7AF4\Itenso.Rtf.Interpreter.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6D68149\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6D68149 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6D95BC1A\7F7C7AF4\ImExGED.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6D95BC1A\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6D95BC1A -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6EAF1F76\7F7C7AF4\VisioForge.Controls.WinForms.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6EAF1F76\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\6EAF1F76 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\721A5CC7\7F7C7AF4\DevExpress.Printing.v12.2.Core.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\721A5CC7\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\721A5CC7 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\7623D1A\7F7C7AF4\QuickGraph.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\7623D1A\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\7623D1A -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\765A289E\7F7C7AF4\Microsoft.Practices.CompositeUI.WinForms.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\765A289E\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\765A289E -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\76C7BD03\427CCCA1\License.rtf -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\76C7BD03\427CCCA1 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\76C7BD03 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\80B969A3\7F7C7AF4\DevExpress.XtraReports.v12.2.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\80B969A3\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\80B969A3 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\80CE9900\427CCCA1\LowVideo.prx -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\80CE9900\427CCCA1 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\80CE9900 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Circles.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Daisy.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Brown Garland.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Brown Leaf.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Brown Quail.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Embellishment1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Embellishment2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Embellishment3.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Embellishment4.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Embellishment5.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Embellishment6.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Embellishment7.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Embellishment8.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Emblem.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Leaf Emblem.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Name Plate2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Fall Orange Leaf.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flower Screen.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flower Small.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flower.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flower2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowering Vine1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowering Vine2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowers & Vines1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowers & Vines2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowers & Vines3.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowers & Vines4.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowers & Vines5.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowers & Vines6.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowers & Vines7.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowers & Vines8.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowers Blue1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowers Blue2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Flowers Tulip.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Gold Leaf.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Leaf Embellishment1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Leaf Embellishment2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Leaves Left.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Spring Embellishment1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Spring Embellishment2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Spring Embellishment3.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Spring Embellishment4.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Spring Embellishment5.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Spring Flowers1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Spring Flowers2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Spring Flowers3.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Spring Flowers4.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\three Olive colored flowers.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Tulip.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Winter1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Winter2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC\Winter3.png -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\13F3EFCC -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Flourish Heading.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Flourish Screen.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Flourish Simple.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Flourish White1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Flourish White2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Flourish White3.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Flourish White4.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Flourish1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Flourish2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Flourish3.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Grey Flourish.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Grey Scroll1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Grey Scroll2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Grey scroll3.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Lite Grey Scroll Left.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Lite Grey Scroll Right.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Lite Grey Scroll1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Lite Grey Scroll2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Swirl.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B\Vine.png -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\4F84739B -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Border Grey Flourish.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Border Line Frame.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Border Paper Frame Vertical.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Border Paper Frame.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Border White Flourish.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Corner Bottom Left.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Corner Bottom Right.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Corner Top Left.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Corner Top Right.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Landscape Frame1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Landscape Frame2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Landscape Frame3.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Landscape Frame4.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Landscape Frame5.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Landscape Frame6.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Oval Frame.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Portrait Frame1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Portrait Frame2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Portrait Frame3.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632\Portrait Frame4.png -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\8AA90632 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Phrase-A Life Together.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Phrase-Always.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Phrase-Beginning.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Phrase-From This Time.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Phrase-Lasting.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Phrase-Mr&Mrs.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Phrase-To Cherish.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Phrase-True Happiness.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Beautiful.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Believe.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Bliss.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Caring.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Devoted.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Dreams.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Joyful.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Love.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Loved.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Lovely.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Loving.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Proud.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Remember.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Strong.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5\Word-Wise.png -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\AB7518A5 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Banner.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Bashe Swirl.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Bicycle.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Cameo.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Cat Tail Flourish.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Compass.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Curvy Shape White.png -> Deleted

[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Dove.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Embellishment1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Embellishment2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Embellishment3.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Flower Girl.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Flower White.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Garnish Boy.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Garnish Girl.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Garnish.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Name Plate.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Name Plate2.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Ornament Left.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Ornament Right.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Ornament1.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Ornament3.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Passport.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Plume Boy.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Plume Girl.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Record Player.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Small Swirl.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Star Blue.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Star Red.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Star White.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Stem.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\Wheel.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\White Swirl.png -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84\World Map.png -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB\F4709A84 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8714BFB -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\878EB27B\7F7C7AF4\FTM.exe.config -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\878EB27B\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\878EB27B -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\87EE0336\7F7C7AF4\patchw32.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\87EE0336\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\87EE0336 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\885E8052\17F30EC1\SQLite.Interop.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\885E8052\17F30EC1 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\885E8052 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8DE0963\FE6A6F3F\Tutorial_PC.exe -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8DE0963\FE6A6F3F -> Removed at reboot [91]
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\8DE0963 -> Removed at reboot [91]
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\93B4C60F\7F7C7AF4\Interop.Shell32.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\93B4C60F\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\93B4C60F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\944A8ED\7F7C7AF4\VisioForge.MediaFramework.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\944A8ED\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\944A8ED -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\9581B538\7F7C7AF4\Family_Tree_Maker.chm -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\9581B538\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\9581B538 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\96DBD66D\7F7C7AF4\VisioForge.Controls.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\96DBD66D\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\96DBD66D -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\96DCA0D9\427CCCA1\Ftms.ico -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\96DCA0D9\427CCCA1 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\96DCA0D9 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\974CD737\7F7C7AF4\Telerik.WinControls.UI.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\974CD737\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\974CD737 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\987D667A\7F7C7AF4\TXTextControl.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\987D667A\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\987D667A -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\99CF9499\7F7C7AF4\DevExpress.XtraTreeList.v12.2.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\99CF9499\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\99CF9499 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\9A8B45C6\460C4773\MyFamily.Shared.resources.dll -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\9A8B45C6\460C4773\PeM.resources.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\9A8B45C6\460C4773 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\9A8B45C6 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\A1870F15\7F7C7AF4\DevExpress.XtraCharts.v12.2.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\A1870F15\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\A1870F15 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\AC1109DE\7F7C7AF4\Itenso.Sys.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\AC1109DE\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\AC1109DE -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\AD550022\7F7C7AF4\msvcr71.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\AD550022\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\AD550022 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\B1E8285\7F7C7AF4\GdPicture.NET.9.PDF.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\B1E8285\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\B1E8285 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\B2CC5AB\7F7C7AF4\System.Data.SQLite.Linq.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\B2CC5AB\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\B2CC5AB -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\B6BF40A0\7F7C7AF4\ProfileCatalog.xml -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\B6BF40A0\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\B6BF40A0 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\C1289FA6\7F7C7AF4\NetSpell.SpellChecker.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\C1289FA6\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\C1289FA6 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\C12A3E\7F7C7AF4\DevExpress.XtraEditors.v12.2.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\C12A3E\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\C12A3E -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\C411F16\7F7C7AF4\Itenso.Rtf.Parser.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\C411F16\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\C411F16 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\CA10F1BD\7F7C7AF4\artpclnt.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\CA10F1BD\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\CA10F1BD -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\CB426BC\7F7C7AF4\Microsoft.Practices.EnterpriseLibrary.Caching.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\CB426BC\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\CB426BC -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\CBAFA89B\7F7C7AF4\GdPicture.NET.9.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\CBAFA89B\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\CBAFA89B -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D1819C98\7F7C7AF4\libmfxsw32.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D1819C98\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D1819C98 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D2F8DF75\7F7C7AF4\Microsoft.mshtml.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D2F8DF75\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D2F8DF75 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D36B8C6D\427CCCA1\HighAudioVideo.prx -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D36B8C6D\427CCCA1 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D36B8C6D -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D41DF5C1\7F7C7AF4\VisioForge_MFP64.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D41DF5C1\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D41DF5C1 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D4E0C592\7F7C7AF4\PostSharp.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D4E0C592\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D4E0C592 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D871672E\427CCCA1\LowAudioVideo.prx -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D871672E\427CCCA1 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\D871672E -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DAB84243\9429AD2C\GrayExternal.swf -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DAB84243\9429AD2C\tutorial1.flv -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DAB84243\9429AD2C\tutorial2.flv -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DAB84243\9429AD2C\tutorial3.flv -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DAB84243\9429AD2C\tutorial4.flv -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DAB84243\9429AD2C\tutorial5.flv -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DAB84243\9429AD2C\tutorial6.flv -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DAB84243\9429AD2C\tutorial7.flv -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DAB84243\9429AD2C\tutorial8.flv -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DAB84243\9429AD2C\tutorial9.flv -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DAB84243\9429AD2C -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DAB84243 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DB300AC3\7F7C7AF4\DevExpress.Utils.v12.2.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DB300AC3\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\DB300AC3 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\BirthDay -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\BirthMonth -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\BirthYear -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\DeathDay -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\DeathMonth -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\DeathYear -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\DoubleMetaphoneNameTable -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\MarriageDay -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\MarriageMonth -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\MarriageYear -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\NameTable -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\NickNames -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\PlaceTable -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\TLevel1NameTable -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\TLevel2NameTable -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\TLevel3NameTable -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1\TLevel4NameTable -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14\E71C82E1 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0271B14 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E04A7A05\7F7C7AF4\Microsoft.Practices.CompositeUI.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E04A7A05\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E04A7A05 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0767E97\7F7C7AF4\Microsoft.Practices.ObjectBuilder.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0767E97\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0767E97 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0C0002D\7F7C7AF4\TelerikCommon.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0C0002D\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E0C0002D -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E1F694D9\7F7C7AF4\DevExpress.XtraPrinting.v12.2.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E1F694D9\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E1F694D9 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E27E90F4\7F7C7AF4\GdPicture.NET.9.image.gdimgplug.64.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E27E90F4\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E27E90F4 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E30045BD\7F7C7AF4\AxInterop.WMPLib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E30045BD\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E30045BD -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E533BB7C\7F7C7AF4\PlaceAuthority.db3 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E533BB7C\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E533BB7C -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E8E0CF09\7F7C7AF4\GlacialTreeList.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E8E0CF09\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\E8E0CF09 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\EA2B6B29\427CCCA1\Ftmf.ico -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\EA2B6B29\427CCCA1 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\EA2B6B29 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\EC6BB8C4\7F7C7AF4\Ionic.Zip.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\EC6BB8C4\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\EC6BB8C4 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\ED068D74\7F7C7AF4\DevExpress.Data.v12.2.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\ED068D74\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\ED068D74 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F07BB497\7F7C7AF4\DevExpress.XtraScheduler.v12.2.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F07BB497\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F07BB497 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F12D906F\7F7C7AF4\DevExpress.XtraScheduler.v12.2.Core.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F12D906F\7F7C7AF4 -> Deleted

glhglh · Apr 17, 2016

Continued: part 4 Last and final:

[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F12D906F -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F5AD65A2\7F7C7AF4\Microsoft.Practices.EnterpriseLibrary.Common.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F5AD65A2\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F5AD65A2 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F5C9B276\7F7C7AF4\Interop.WMPLib.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F5C9B276\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F5C9B276 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F99A8A52\7F7C7AF4\VistaDB.Provider.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F99A8A52\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\F99A8A52 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\FAD2B3D9\7F7C7AF4\DevExpress.XtraRichEdit.v12.2.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\FAD2B3D9\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\FAD2B3D9 -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\FC1A43BD\7F7C7AF4\Microsoft.Search.Interop.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\FC1A43BD\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\FC1A43BD -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\FE00ECDB\7F7C7AF4\BuildNumber.txt -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\FE00ECDB\7F7C7AF4 -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\FE00ECDB -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared\{3F06E471-FD45-4DB4-83A5-E68D149EA29F} -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\Family Tree Maker - Shared -> Removed at reboot [91]
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\instance.dat -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\mia.lib -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\OFFLINE\mMSI.dll\mMSIExec.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\OFFLINE\mMSI.dll -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\OFFLINE\mWinRun.dll\mWinRunExec.dll -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\OFFLINE\mWinRun.dll -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\OFFLINE\{3F06E471-FD45-4DB4-83A5-E68D149EA29F} -> Deleted
[PUP][Folder] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\OFFLINE -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\setup.bmp -> Removed at reboot [5]
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\setup.dat -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\setup.exe -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\setup.lnk -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\setup.msi -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\setup.par -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\setup.res -> Deleted
[PUP][File] C:\ProgramData\{3F06E471-FD45-4DB4-83A5-E68D149EA29F}\{39EF38DF-2727-4C09-A165-FD3B87BA3AE9} -> Deleted

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ADATA SSD S510 120GB +++++
--- User ---
[MBR] 295ab855c485578d587cd04e7cff24aa
[BSP] d92b89d66ebd3bb54bd840c959e28b00 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 113921 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 233517056 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD10EZEX-00KUWA0 +++++
--- User ---
[MBR] 349d4c5c6ef0a872a007579d6f408cf8
[BSP] 687217d9dd263747be6e37cc2384a844 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: Seagate FreeAgent GoFlex USB Device +++++
--- User ---
[MBR] efaae474bf56cd39e5d0462ccb81c6e6
[BSP] 5cab7fac78b6fe5301595cea6da44b25 : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

Malwarebytes Anti report:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/17/2016
Scan Time: 2:27 PM
Logfile:
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.04.17.06
Rootkit Database: v2016.04.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: garyh

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 538386
Time Elapsed: 4 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

AdwCleaner.txt:

# AdwCleaner v5.112 - Logfile created 17/04/2016 at 14:39:26
# Updated 17/04/2016 by Xplode
# Database : 2016-04-17.1 [Server]
# Operating system : Windows 10 Pro (X64)
# Username : garyh - GLH-DESKTOP-I7
# Running from : C:\Users\garyh\Desktop\Virus\adwcleaner_5.112.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269

***** [ Folders ] *****

[-] Folder Deleted : C:\Users\garyh\AppData\Local\PackageAware

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1092 bytes] - [17/04/2016 14:39:26]
C:\AdwCleaner\AdwCleaner[C3].txt - [821 bytes] - [11/09/2015 08:46:32]
C:\AdwCleaner\AdwCleaner[R0].txt - [1493 bytes] - [08/06/2015 15:09:54]
C:\AdwCleaner\AdwCleaner[R1].txt - [1342 bytes] - [14/07/2015 16:16:15]
C:\AdwCleaner\AdwCleaner[S0].txt - [1571 bytes] - [08/06/2015 15:10:39]
C:\AdwCleaner\AdwCleaner[S1].txt - [2896 bytes] - [14/07/2015 16:17:02]
C:\AdwCleaner\AdwCleaner[S3].txt - [745 bytes] - [11/09/2015 08:44:05]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1601 bytes] ##########

JRT.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Pro x64
Ran by garyh (Administrator) on Sun 04/17/2016 at 14:43:41.94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 7

Successfully deleted: C:\Users\garyh\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\garyh\AppData\Local\kakao (Folder)
Successfully deleted: C:\WINDOWS\wininit.ini (File)
Successfully deleted: C:\Program Files (x86)\GUT4F0A.tmp (File)
Successfully deleted: C:\WINDOWS\prefetch\GOOGLETOOLBARMANAGER_A6282D74-E499780F.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\GOOGLETOOLBARUSER_32.EXE-34B1B1C5.pf (File)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 04/17/2016 at 14:44:44.37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

What's wrong with Family Tree maker? I've used for 15 years.

Broni · Apr 17, 2016

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

Double click to run it.
Make sure you checkmark Addition.txt box.
Press Scan button.
Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

glhglh · Apr 18, 2016

Post 1:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016

Ran by garyh (administrator) on GLH-DESKTOP-I7 (18-04-2016 12:18:46)

Running from C:\Users\garyh\Desktop\Virus

Loaded Profiles: garyh & QBDataServiceUser23 (Available Profiles: iBuyPower & garyh & QBDataServiceUser23 & DefaultAppPool)

Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe

(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Microsoft Corporation) C:\Windows\System32\mqsvc.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe

() E:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe

(Fitbit, Inc.) E:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Piriform Ltd) E:\Program Files\CCleaner\CCleaner64.exe

(Intuit, Inc.) E:\Program Files (x86)\Intuit\QuickBooks 2013\QBDBMgrN.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

() E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

() E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\Roxio Burn.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2015-06-07] (Realtek Semiconductor)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794704 2015-02-20] (NVIDIA Corporation)

HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)

HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2015-05-29] (Intel Corporation)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)

HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [286272 2015-06-07] (RealNetworks, Inc.)

HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3776824 2015-11-10] (Intuit Inc. All rights reserved.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [QuickTime Task] => E:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)

HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)

HKLM-x32\...\Run: [RoxWatchTray] => E:\Program Files (x86)\Roxio Creator NXT Pro 3\Common\RoxWatchTray15.exe [295112 2014-09-26] (Corel Corporation)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)

HKLM-x32\...\Run: [Fitbit Connect] => E:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [HP Officejet 7500 E910 (NET)] => C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [Google Update] => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [CCleaner Monitoring] => E:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [NETGEARGenie] => e:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2015-06-01] (NETGEAR Inc.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [Fitbit Connect] => E:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2016-04-11] (Siber Systems)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\MountPoints2: {a0d7e724-3afa-11e5-9bc2-806e6f6e6963} - "D:\setup.exe"

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-10-30] (Microsoft Corporation)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2015-07-20]

ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Media Server Tray Tool.lnk [2015-06-12]

ShortcutTarget: Logitech Media Server Tray Tool.lnk -> E:\Program Files (x86)\Squeezebox\SqueezeTray.exe (Logitech Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2016-04-17]

ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2016-04-17]

ShortcutTarget: QuickBooks_Standard_21.lnk -> E:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE (Intuit Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-06-07]

ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)

Startup: C:\Users\garyh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 7500 E910 (Network).lnk [2016-04-17]

ShortcutTarget: Monitor Ink Alerts - HP Officejet 7500 E910 (Network).lnk -> C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\garyh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-11-11]

ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (No File)

GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{d7f2a025-9c18-40d3-b84c-ca74bd845c1c}: [DhcpNameServer] 192.168.1.1

Internet Explorer:

==================

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nytimes.com/

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.com/?gws_rd=ssl

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-28] (Microsoft Corporation)

BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-11] (Siber Systems Inc.)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation)

BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-02-28] (Microsoft Corporation)

BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-04-11] (Siber Systems Inc.)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)

Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-11] (Siber Systems Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-18] (Google Inc.)

Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-04-11] (Siber Systems Inc.)

Toolbar: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-18] (Google Inc.)

Toolbar: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-11] (Siber Systems Inc.)

DPF: HKLM-x32 {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://benefitsinformation.webex.com/client/WBXclient-T29L10NSP13EP50-10011/nbr/ieatgpc1.cab

Handler-x32: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - E:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll [2016-03-22] (Intuit, Inc.)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)

Edge:

======

Edge HomeButtonPage: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001 -> hxxp://www.nytimes.com/?WT.z_jog=1&hF=f&vS=undefined

FireFox:

========

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()

FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-02-28] (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-28] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-13] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-13] (NVIDIA Corporation)

FF Plugin-x32: @real.com/nppl3260;version=18.0.0.112 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-06-07] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpplugin;version=18.0.0.112 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-06-07] (RealTimes)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1582027158-3427342393-2586192252-1001: @citrixonline.com/appdetectorplugin -> C:\Users\garyh\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-12-15] (Citrix Online)

FF Plugin HKU\S-1-5-21-1582027158-3427342393-2586192252-1001: @tools.google.com/Google Update;version=3 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)

FF Plugin HKU\S-1-5-21-1582027158-3427342393-2586192252-1001: @tools.google.com/Google Update;version=9 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)

Chrome:

=======

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "hxxp://www.nytimes.com/","hxxp://www.peacecorpskorea.com/","hxxps://www.facebook.com/","hxxps://translate.google.com/?hl=en"

CHR Profile: C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-06]

CHR Extension: (Google Docs) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-06]

CHR Extension: (Google Drive) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]

CHR Extension: (YouTube) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]

CHR Extension: (Google Search) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]

CHR Extension: (Google Sheets) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-06]

CHR Extension: (Google Docs Offline) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]

CHR Extension: (Chrome Web Store Payments) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]

CHR Extension: (Gmail) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-06]

CHR Extension: (RoboForm Password Manager) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-03-19]

CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2016-04-11]

CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2016-04-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)

S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [File not signed]

R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22760 2014-01-22] ()

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2912496 2016-02-28] (Microsoft Corporation)

S2 dbupdate; c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-14] (Dropbox, Inc.)

S3 dbupdatem; c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-14] (Dropbox, Inc.)

R2 Fitbit Connect; E:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)

S3 gusvc; E:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2015-06-06] (Google)

R2 HDRExpress3Service; e:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe [32784 2014-10-23] ()

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)

S3 NETGEARGenieDaemon; e:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2015-06-01] (NETGEAR)

R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)

R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)

R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2016-03-22] (Intuit) [File not signed]

S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2013-10-01] (Intuit Inc.) [File not signed]

R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2013-10-01] (Intuit Inc.) [File not signed]

R3 QuickBooksDB23; E:\Program Files (x86)\Intuit\QuickBooks 2013\QBDBMgrN.exe [679936 2016-03-22] (Intuit, Inc.) [File not signed]

R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1115224 2015-06-07] (RealNetworks, Inc.)

R2 RoxioBurnLauncher; E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe [535784 2013-10-16] ()

S3 RoxMediaDB15; E:\Program Files (x86)\Roxio Creator NXT Pro 3\Common\RoxMediaDB15.exe [1097928 2014-09-26] (Corel Corporation)

S2 RoxWatch15; E:\Program Files (x86)\Roxio Creator NXT Pro 3\Common\RoxWatch15.exe [342216 2014-09-26] (Corel Corporation)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2015-12-07] (CACE Technologies, Inc.)

R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)

R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-07-29] (Audials AG)

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )

R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2013-10-16] (Corel Corporation)

R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2013-10-16] (Corel Corporation)

R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2013-10-16] (Corel Corporation)

U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-04-17] ()

S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

U3 idsvc; no ImagePath

U5 REALPLAYERUPDATESVC; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-17 14:26 - 2016-04-17 14:34 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2016-04-17 14:25 - 2016-04-17 14:25 - 00000000 ____D C:\ProgramData\Malwarebytes

2016-04-17 14:25 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2016-04-17 14:25 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2016-04-17 14:25 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2016-04-17 14:08 - 2016-04-17 14:08 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys

2016-04-17 14:04 - 2016-04-17 14:04 - 00000000 ____D C:\ProgramData\RogueKiller

2016-04-15 12:39 - 2016-04-18 12:18 - 00000000 ____D C:\FRST

2016-04-15 12:36 - 2016-04-15 12:36 - 00000146 _____ C:\Users\garyh\Desktop\Windows Defender - Shortcut.lnk

2016-04-12 12:40 - 2016-04-01 21:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2016-04-12 12:40 - 2016-04-01 21:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2016-04-12 12:40 - 2016-04-01 20:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll

2016-04-12 12:40 - 2016-04-01 20:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll

2016-04-12 12:40 - 2016-04-01 20:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2016-04-12 12:40 - 2016-04-01 20:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2016-04-12 12:40 - 2016-04-01 20:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2016-04-12 12:40 - 2016-04-01 20:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2016-04-12 12:40 - 2016-04-01 20:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2016-04-12 12:40 - 2016-04-01 20:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll

2016-04-12 12:40 - 2016-04-01 20:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2016-04-12 12:40 - 2016-04-01 20:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll

2016-04-12 12:40 - 2016-03-29 03:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2016-04-12 12:40 - 2016-03-29 03:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2016-04-12 12:40 - 2016-03-29 03:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2016-04-12 12:40 - 2016-03-29 03:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2016-04-12 12:40 - 2016-03-29 03:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2016-04-12 12:40 - 2016-03-29 03:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2016-04-12 12:40 - 2016-03-29 03:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2016-04-12 12:40 - 2016-03-29 03:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2016-04-12 12:40 - 2016-03-29 02:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2016-04-12 12:40 - 2016-03-29 02:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2016-04-12 12:40 - 2016-03-29 02:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll

2016-04-12 12:40 - 2016-03-29 02:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe

2016-04-12 12:40 - 2016-03-29 02:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2016-04-12 12:40 - 2016-03-29 02:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2016-04-12 12:40 - 2016-03-29 02:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2016-04-12 12:40 - 2016-03-29 01:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll

2016-04-12 12:40 - 2016-03-29 01:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2016-04-12 12:40 - 2016-03-29 01:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe

2016-04-12 12:40 - 2016-03-29 01:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2016-04-12 12:40 - 2016-03-29 01:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2016-04-12 12:40 - 2016-03-29 01:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2016-04-12 12:40 - 2016-03-29 01:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll

2016-04-12 12:40 - 2016-03-29 01:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2016-04-12 12:40 - 2016-03-29 00:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll

2016-04-12 12:40 - 2016-03-29 00:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2016-04-12 12:40 - 2016-03-29 00:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2016-04-12 12:40 - 2016-03-29 00:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll

2016-04-12 12:40 - 2016-03-29 00:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2016-04-12 12:40 - 2016-03-29 00:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll

2016-04-12 12:40 - 2016-03-29 00:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2016-04-12 12:40 - 2016-03-29 00:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2016-04-12 12:40 - 2016-03-29 00:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2016-04-12 12:40 - 2016-03-29 00:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll

2016-04-12 12:40 - 2016-03-29 00:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll

2016-04-12 12:40 - 2016-03-29 00:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll

2016-04-12 12:40 - 2016-03-29 00:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll

2016-04-12 12:40 - 2016-03-29 00:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll

2016-04-12 12:40 - 2016-03-29 00:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll

2016-04-12 12:40 - 2016-03-29 00:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2016-04-12 12:40 - 2016-03-29 00:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2016-04-12 12:40 - 2016-03-29 00:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll

2016-04-12 12:40 - 2016-03-29 00:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll

2016-04-12 12:40 - 2016-03-29 00:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll

2016-04-12 12:40 - 2016-03-29 00:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll

2016-04-12 12:40 - 2016-03-29 00:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2016-04-12 12:40 - 2016-03-29 00:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2016-04-12 12:40 - 2016-03-29 00:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2016-04-12 12:40 - 2016-03-29 00:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2016-04-12 12:40 - 2016-03-29 00:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll

2016-04-12 12:40 - 2016-03-29 00:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll

2016-04-12 12:40 - 2016-03-29 00:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2016-04-12 12:40 - 2016-03-29 00:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll

2016-04-12 12:40 - 2016-03-29 00:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2016-04-12 12:40 - 2016-03-29 00:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll

2016-04-12 12:40 - 2016-03-29 00:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2016-04-12 12:40 - 2016-03-29 00:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2016-04-12 12:40 - 2016-03-29 00:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll

2016-04-12 12:40 - 2016-03-29 00:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

2016-04-12 12:40 - 2016-03-29 00:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll

2016-04-12 12:40 - 2016-03-29 00:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll

2016-04-12 12:40 - 2016-03-29 00:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2016-04-12 12:40 - 2016-03-29 00:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll

2016-04-12 12:40 - 2016-03-29 00:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll

2016-04-12 12:40 - 2016-03-28 23:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll

2016-04-12 12:40 - 2016-03-28 23:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2016-04-12 12:40 - 2016-03-28 23:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll

2016-04-12 12:40 - 2016-03-28 23:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll

2016-04-12 12:40 - 2016-03-28 23:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll

2016-04-12 12:40 - 2016-03-28 23:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll

2016-04-12 12:40 - 2016-03-28 23:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll

2016-04-12 12:40 - 2016-03-28 23:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2016-04-12 12:40 - 2016-03-28 23:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll

2016-04-12 12:40 - 2016-03-28 23:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll

2016-04-12 12:40 - 2016-03-28 23:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll

2016-04-12 12:40 - 2016-03-28 23:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll

2016-04-12 12:40 - 2016-03-28 23:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2016-04-12 12:40 - 2016-03-28 23:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2016-04-12 12:40 - 2016-03-28 23:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2016-04-12 12:40 - 2016-03-28 23:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll

2016-04-12 12:40 - 2016-03-28 23:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll

2016-04-12 12:40 - 2016-03-28 23:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll

2016-04-12 12:40 - 2016-03-28 23:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2016-04-12 12:40 - 2016-03-28 23:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2016-04-12 12:40 - 2016-03-28 23:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2016-04-12 12:40 - 2016-03-28 23:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2016-04-12 12:40 - 2016-03-28 23:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

2016-04-12 12:40 - 2016-03-28 23:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll

2016-04-12 12:40 - 2016-03-28 23:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll

2016-04-12 12:40 - 2016-03-28 23:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll

2016-04-12 12:40 - 2016-03-28 23:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll

2016-04-12 12:40 - 2016-03-28 23:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll

2016-04-12 12:40 - 2016-03-28 23:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll

2016-04-12 12:40 - 2016-03-28 23:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2016-04-12 12:40 - 2016-03-28 23:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2016-04-12 12:40 - 2016-03-28 23:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

glhglh · Apr 18, 2016

Post 2 of 3:

2016-04-12 12:40 - 2016-03-28 23:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll

2016-04-12 12:40 - 2016-03-28 23:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

2016-04-12 12:40 - 2016-03-28 23:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2016-04-12 12:40 - 2016-03-28 23:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2016-04-12 12:40 - 2016-03-28 23:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2016-04-12 12:40 - 2016-03-28 23:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2016-04-12 12:40 - 2016-03-28 23:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2016-04-12 12:40 - 2016-03-28 22:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

2016-04-12 12:40 - 2016-03-28 22:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2016-04-12 12:40 - 2016-03-28 22:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2016-04-12 12:40 - 2016-03-28 22:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2016-04-12 12:40 - 2016-03-28 22:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2016-04-12 12:40 - 2016-03-28 22:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

2016-04-12 12:40 - 2016-03-28 22:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll

2016-04-12 12:40 - 2016-03-28 22:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2016-04-12 12:40 - 2016-03-28 22:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2016-04-12 12:40 - 2016-03-28 22:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2016-04-12 12:40 - 2016-03-28 22:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2016-04-12 12:40 - 2016-03-28 22:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2016-04-12 12:40 - 2016-03-28 22:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2016-04-12 12:40 - 2016-03-28 22:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2016-04-12 12:40 - 2016-03-28 22:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll

2016-04-12 12:40 - 2016-03-28 22:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2016-04-12 12:40 - 2016-03-28 22:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2016-04-12 12:40 - 2016-03-28 22:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll

2016-04-12 12:40 - 2016-03-28 22:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll

2016-04-12 12:39 - 2016-04-01 21:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll

2016-04-12 12:39 - 2016-04-01 21:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe

2016-04-12 12:39 - 2016-04-01 20:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll

2016-04-12 12:39 - 2016-04-01 20:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll

2016-04-12 12:39 - 2016-04-01 20:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll

2016-04-12 12:39 - 2016-04-01 20:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll

2016-04-12 12:39 - 2016-04-01 20:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll

2016-04-12 12:39 - 2016-04-01 20:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll

2016-04-12 12:39 - 2016-04-01 20:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll

2016-04-12 12:39 - 2016-04-01 20:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2016-04-12 12:39 - 2016-04-01 20:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2016-04-12 12:39 - 2016-03-29 03:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2016-04-12 12:39 - 2016-03-29 03:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll

2016-04-12 12:39 - 2016-03-29 03:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll

2016-04-12 12:39 - 2016-03-29 03:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2016-04-12 12:39 - 2016-03-29 03:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll

2016-04-12 12:39 - 2016-03-29 02:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll

2016-04-12 12:39 - 2016-03-29 02:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll

2016-04-12 12:39 - 2016-03-29 02:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys

2016-04-12 12:39 - 2016-03-29 02:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll

2016-04-12 12:39 - 2016-03-29 02:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll

2016-04-12 12:39 - 2016-03-29 02:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2016-04-12 12:39 - 2016-03-29 02:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe

2016-04-12 12:39 - 2016-03-29 02:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll

2016-04-12 12:39 - 2016-03-29 02:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll

2016-04-12 12:39 - 2016-03-29 02:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe

2016-04-12 12:39 - 2016-03-29 02:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll

2016-04-12 12:39 - 2016-03-29 01:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll

2016-04-12 12:39 - 2016-03-29 01:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll

2016-04-12 12:39 - 2016-03-29 01:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2016-04-12 12:39 - 2016-03-29 01:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll

2016-04-12 12:39 - 2016-03-29 01:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll

2016-04-12 12:39 - 2016-03-29 01:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll

2016-04-12 12:39 - 2016-03-29 01:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2016-04-12 12:39 - 2016-03-29 01:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll

2016-04-12 12:39 - 2016-03-29 01:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys

2016-04-12 12:39 - 2016-03-29 01:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll

2016-04-12 12:39 - 2016-03-29 01:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll

2016-04-12 12:39 - 2016-03-29 01:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2016-04-12 12:39 - 2016-03-29 01:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll

2016-04-12 12:39 - 2016-03-29 01:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll

2016-04-12 12:39 - 2016-03-29 01:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll

2016-04-12 12:39 - 2016-03-29 01:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe

2016-04-12 12:39 - 2016-03-29 01:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll

2016-04-12 12:39 - 2016-03-29 01:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll

2016-04-12 12:39 - 2016-03-29 00:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe

2016-04-12 12:39 - 2016-03-29 00:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2016-04-12 12:39 - 2016-03-29 00:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll

2016-04-12 12:39 - 2016-03-29 00:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll

2016-04-12 12:39 - 2016-03-29 00:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll

2016-04-12 12:39 - 2016-03-29 00:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll

2016-04-12 12:39 - 2016-03-29 00:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys

2016-04-12 12:39 - 2016-03-29 00:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll

2016-04-12 12:39 - 2016-03-29 00:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll

2016-04-12 12:39 - 2016-03-29 00:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll

2016-04-12 12:39 - 2016-03-29 00:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe

2016-04-12 12:39 - 2016-03-29 00:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll

2016-04-12 12:39 - 2016-03-29 00:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll

2016-04-12 12:39 - 2016-03-29 00:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll

2016-04-12 12:39 - 2016-03-29 00:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll

2016-04-12 12:39 - 2016-03-29 00:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll

2016-04-12 12:39 - 2016-03-29 00:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll

2016-04-12 12:39 - 2016-03-29 00:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll

2016-04-12 12:39 - 2016-03-29 00:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2016-04-12 12:39 - 2016-03-29 00:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll

2016-04-12 12:39 - 2016-03-29 00:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll

2016-04-12 12:39 - 2016-03-29 00:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll

2016-04-12 12:39 - 2016-03-29 00:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll

2016-04-12 12:39 - 2016-03-29 00:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys

2016-04-12 12:39 - 2016-03-29 00:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll

2016-04-12 12:39 - 2016-03-29 00:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll

2016-04-12 12:39 - 2016-03-29 00:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2016-04-12 12:39 - 2016-03-29 00:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys

2016-04-12 12:39 - 2016-03-29 00:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll

2016-04-12 12:39 - 2016-03-29 00:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll

2016-04-12 12:39 - 2016-03-29 00:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2016-04-12 12:39 - 2016-03-29 00:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe

2016-04-12 12:39 - 2016-03-29 00:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll

2016-04-12 12:39 - 2016-03-29 00:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll

2016-04-12 12:39 - 2016-03-29 00:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll

2016-04-12 12:39 - 2016-03-29 00:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2016-04-12 12:39 - 2016-03-29 00:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2016-04-12 12:39 - 2016-03-29 00:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll

2016-04-12 12:39 - 2016-03-29 00:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll

2016-04-12 12:39 - 2016-03-29 00:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll

2016-04-12 12:39 - 2016-03-29 00:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll

2016-04-12 12:39 - 2016-03-29 00:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll

2016-04-12 12:39 - 2016-03-29 00:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2016-04-12 12:39 - 2016-03-29 00:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll

2016-04-12 12:39 - 2016-03-29 00:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll

2016-04-12 12:39 - 2016-03-29 00:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2016-04-12 12:39 - 2016-03-29 00:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll

2016-04-12 12:39 - 2016-03-29 00:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll

2016-04-12 12:39 - 2016-03-29 00:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll

2016-04-12 12:39 - 2016-03-29 00:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

2016-04-12 12:39 - 2016-03-29 00:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll

2016-04-12 12:39 - 2016-03-29 00:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll

2016-04-12 12:39 - 2016-03-29 00:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll

2016-04-12 12:39 - 2016-03-29 00:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2016-04-12 12:39 - 2016-03-29 00:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll

2016-04-12 12:39 - 2016-03-29 00:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2016-04-12 12:39 - 2016-03-29 00:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe

2016-04-12 12:39 - 2016-03-29 00:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll

2016-04-12 12:39 - 2016-03-29 00:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll

2016-04-12 12:39 - 2016-03-29 00:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys

2016-04-12 12:39 - 2016-03-29 00:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll

2016-04-12 12:39 - 2016-03-29 00:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll

2016-04-12 12:39 - 2016-03-28 23:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll

2016-04-12 12:39 - 2016-03-28 23:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe

2016-04-12 12:39 - 2016-03-28 23:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll

2016-04-12 12:39 - 2016-03-28 23:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll

2016-04-12 12:39 - 2016-03-28 23:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2016-04-12 12:39 - 2016-03-28 23:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll

2016-04-12 12:39 - 2016-03-28 23:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll

2016-04-12 12:39 - 2016-03-28 23:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2016-04-12 12:39 - 2016-03-28 23:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll

2016-04-12 12:39 - 2016-03-28 23:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll

2016-04-12 12:39 - 2016-03-28 23:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll

2016-04-12 12:39 - 2016-03-28 23:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2016-04-12 12:39 - 2016-03-28 23:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2016-04-12 12:39 - 2016-03-28 23:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll

2016-04-12 12:39 - 2016-03-28 23:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll

2016-04-12 12:39 - 2016-03-28 23:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2016-04-12 12:39 - 2016-03-28 23:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

2016-04-12 12:39 - 2016-03-28 23:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll

2016-04-12 12:39 - 2016-03-28 23:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll

2016-04-12 12:39 - 2016-03-28 23:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll

2016-04-12 12:39 - 2016-03-28 23:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll

2016-04-12 12:39 - 2016-03-28 23:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll

2016-04-12 12:39 - 2016-03-28 23:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2016-04-12 12:39 - 2016-03-28 23:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll

2016-04-12 12:39 - 2016-03-28 23:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

2016-04-12 12:39 - 2016-03-28 23:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll

2016-04-12 12:39 - 2016-03-28 23:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll

2016-04-12 12:39 - 2016-03-28 23:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2016-04-12 12:39 - 2016-03-28 23:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll

2016-04-12 12:39 - 2016-03-28 23:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2016-04-12 12:39 - 2016-03-28 23:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll

2016-04-12 12:39 - 2016-03-28 23:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll

2016-04-12 12:39 - 2016-03-28 23:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll

2016-04-12 12:39 - 2016-03-28 23:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll

2016-04-12 12:39 - 2016-03-28 23:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll

2016-04-12 12:39 - 2016-03-28 23:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2016-04-12 12:39 - 2016-03-28 23:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

2016-04-12 12:39 - 2016-03-28 22:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll

2016-04-12 12:39 - 2016-03-28 22:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll

2016-04-12 12:39 - 2016-03-28 22:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll

2016-04-12 12:39 - 2016-03-28 22:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll

2016-04-12 12:39 - 2016-03-28 22:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2016-04-12 12:39 - 2016-03-28 22:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL

2016-04-12 12:39 - 2016-03-28 22:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL

2016-04-12 12:39 - 2016-03-28 22:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll

2016-04-11 09:27 - 2016-04-11 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm

2016-04-11 09:26 - 2016-04-11 09:26 - 00000000 ____D C:\Program Files (x86)\Siber Systems

2016-04-11 09:25 - 2016-04-11 09:25 - 00002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC

2016-04-08 12:32 - 2016-04-08 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2016-04-04 11:54 - 2016-04-04 11:54 - 00000000 ____D C:\Users\garyh\Desktop\Untitled Export

2016-03-19 10:31 - 2016-04-17 13:53 - 00001955 _____ C:\Users\Public\Desktop\QuickBooks Pro 2013.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-18 12:14 - 2015-07-21 09:35 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2016-04-18 12:09 - 2015-06-15 16:17 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001UA.job

2016-04-18 11:44 - 2015-06-06 14:25 - 00000906 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job

2016-04-18 11:39 - 2015-12-15 10:02 - 00000688 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1582027158-3427342393-2586192252-1001.job

2016-04-18 11:36 - 2015-12-15 10:02 - 00000592 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1582027158-3427342393-2586192252-1001.job

2016-04-18 10:56 - 2015-11-29 22:40 - 00000000 ____D C:\Users\garyh\AppData\Local\Deployment

2016-04-18 10:53 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\rescache

2016-04-18 08:46 - 2015-08-05 08:54 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0A67693B-C4D2-43F4-8D9C-F95F60CE280C}

2016-04-18 07:44 - 2015-06-06 14:25 - 00000902 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

2016-04-18 03:03 - 2015-06-06 11:07 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2016-04-17 19:09 - 2015-06-15 16:17 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001Core.job

2016-04-17 14:46 - 2015-11-16 18:34 - 01725576 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2016-04-17 14:46 - 2015-11-16 18:30 - 00564462 _____ C:\WINDOWS\system32\perfh012.dat

2016-04-17 14:46 - 2015-11-16 18:30 - 00158478 _____ C:\WINDOWS\system32\perfc012.dat

2016-04-17 14:46 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF

2016-04-17 14:45 - 2015-06-08 15:09 - 00000000 ____D C:\Users\garyh\Desktop\Virus

2016-04-17 14:40 - 2015-11-16 18:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2016-04-17 14:40 - 2015-11-16 18:34 - 00000000 ____D C:\ProgramData\NVIDIA

2016-04-17 14:39 - 2015-11-16 18:35 - 00000000 ____D C:\Users\garyh

2016-04-17 14:39 - 2015-10-29 23:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2016-04-17 14:39 - 2015-06-08 15:09 - 00000000 ____D C:\AdwCleaner

2016-04-17 13:53 - 2015-06-12 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks

2016-04-17 13:53 - 2015-06-12 09:46 - 00000089 _____ C:\WINDOWS\QBChanUtil_Trigger.ini

2016-04-17 09:23 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness

2016-04-16 10:51 - 2015-12-07 12:10 - 00000000 ____D C:\Users\garyh\AppData\Local\CrashDumps

2016-04-16 10:08 - 2015-06-08 13:44 - 00000000 ____D C:\Users\garyh\AppData\Local\Wunderlist

2016-04-15 22:38 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps

2016-04-15 15:13 - 2015-08-04 18:23 - 00000000 ____D C:\Users\garyh\AppData\Local\Packages

2016-04-15 12:37 - 2015-06-06 11:25 - 00002259 _____ C:\WINDOWS\epplauncher.mif

2016-04-15 12:24 - 2015-11-16 18:33 - 00512032 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2016-04-15 12:23 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2016-04-15 12:23 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\appraiser

2016-04-15 12:23 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

2016-04-15 12:23 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\bcastdvr

2016-04-14 15:48 - 2015-12-15 10:02 - 00003856 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1582027158-3427342393-2586192252-1001

2016-04-14 15:48 - 2015-12-15 10:02 - 00003760 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1582027158-3427342393-2586192252-1001

2016-04-13 16:45 - 2010-11-20 20:27 - 00453280 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2016-04-13 10:53 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp

2016-04-13 10:52 - 2015-05-29 11:16 - 00000000 ____D C:\WINDOWS\system32\MRT

2016-04-13 10:51 - 2015-05-29 11:16 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2016-04-11 14:03 - 2015-07-14 16:40 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-04-11 09:29 - 2015-06-06 14:54 - 00004208 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm

2016-04-11 09:29 - 2015-06-06 14:54 - 00003590 _____ C:\WINDOWS\System32\Tasks\Run RoboForm TaskBar Icon

2016-04-08 12:32 - 2015-06-14 12:33 - 00000000 ____D C:\Program Files (x86)\Dropbox

2016-04-06 11:32 - 2015-10-30 00:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2016-04-06 11:32 - 2015-10-30 00:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2016-03-19 12:41 - 2015-06-06 14:21 - 00000000 ____D C:\Users\garyh\AppData\Local\Dropbox

2016-03-19 10:30 - 2015-11-16 18:35 - 00000000 ____D C:\Users\QBDataServiceUser23

==================== Files in the root of some directories =======

2015-06-07 11:16 - 2015-06-07 11:17 - 1419368 ____T (CPUID) C:\Users\garyh\AppData\Roaming\cpuidsdk.dll

2015-06-07 11:16 - 2015-06-07 11:17 - 0159200 ____T () C:\Users\garyh\AppData\Roaming\CrashRpt1402.dll

2015-06-07 11:16 - 2015-06-07 11:17 - 0008214 ____T () C:\Users\garyh\AppData\Roaming\crashrpt_lang.ini

2015-06-07 11:16 - 2015-06-07 11:17 - 0997344 ____T () C:\Users\garyh\AppData\Roaming\CrashSender1402.exe

2015-06-07 11:16 - 2015-06-07 11:17 - 1080656 ____T (Microsoft Corporation) C:\Users\garyh\AppData\Roaming\dbghelp.dll

2015-06-12 10:05 - 2015-06-12 10:05 - 0000057 _____ () C:\ProgramData\Ament.ini

2015-06-07 12:44 - 2016-03-18 12:23 - 0001853 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

2015-08-19 08:51 - 2016-01-15 16:25 - 0000479 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

2014-10-14 04:49 - 2014-10-14 04:49 - 0002465 _____ () C:\ProgramData\regid.2012-08.com.Corel,Roxio_76C7858E-078C-4C49-AB1A-2A7072664935.swidtag

Some files in TEMP:

====================

C:\Users\garyh\AppData\Local\Temp\dllnt_dump.dll

C:\Users\garyh\AppData\Local\Temp\libeay32.dll

C:\Users\garyh\AppData\Local\Temp\msvcr120.dll

C:\Users\garyh\AppData\Local\Temp\RoboForm-Setup.exe

C:\Users\garyh\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-04-09 11:45

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-04-2016

Ran by garyh (2016-04-18 12:19:01)

Running from C:\Users\garyh\Desktop\Virus

Windows 10 Pro Version 1511 (X64) (2015-11-17 01:42:07)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1582027158-3427342393-2586192252-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-1582027158-3427342393-2586192252-503 - Limited - Disabled)

garyh (S-1-5-21-1582027158-3427342393-2586192252-1001 - Administrator - Enabled) => C:\Users\garyh

Guest (S-1-5-21-1582027158-3427342393-2586192252-501 - Limited - Disabled)

iBuyPower (S-1-5-21-1582027158-3427342393-2586192252-1000 - Administrator - Enabled) => C:\Users\iBuyPower

QBDataServiceUser23 (S-1-5-21-1582027158-3427342393-2586192252-1002 - Limited - Enabled) => C:\Users\QBDataServiceUser23

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)

AmericasCardroom (HKLM-x32\...\296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE) (Version: 16.6 - IGSoft)

Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)

Audials (HKLM-x32\...\{56E65057-D74D-4265-B2BC-0086546A1D75}) (Version: 14.0.43404.400 - Audials AG)

BCL easyConverter SDK 3 (Word Version) 64 (HKLM\...\{350CC85B-CA59-4F85-909D-8E4CDBF532FA}) (Version: 3.0.64 - BCL Technologies)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)

ChromecastApp (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)

Citrix Online Launcher (HKLM-x32\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix)

Contents (x32 Version: 1.0.0.93 - Corel Corporation) Hidden

Corel FastFlick (HKLM-x32\...\_{10EC8494-8A92-49D8-9677-2483EB01F7F1}) (Version: 1.0.0.93 - Corel Corporation)

Corel PaintShop Pro X6 (HKLM-x32\...\_{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.2.0.20 - Corel Corporation)

Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.8.0.203 - Corel Inc.)

Creator NXT 3 Content (x32 Version: 16.0.004 - Roxio) Hidden

Dazzle Video Capture DVC100 X64 Driver 1.06 (x32 Version: 1.06.0000 - Pinnacle) Hidden

DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden

Dropbox (HKLM-x32\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)

Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden

Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.)

Family Tree Maker 2014 (Version: 22.0.207 - Ancestry.com, Inc.) Hidden

Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)

Full Flush Poker 8.2 (HKLM-x32\...\Full Flush Poker 8.2) (Version: 8.2.12.201509140800 - Full Flush Poker)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden

GoToMeeting 7.16.0.4800 (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\GoToMeeting) (Version: 7.16.0.4800 - CitrixOnline)

HDR Express 3 (HKLM-x32\...\HDR Express 3) (Version: 3.0.0.11677 - Unified Color Technologies)

HP Officejet 7500 E910 Basic Device Software (HKLM\...\{7CF50183-026B-418D-A26C-A254290BD824}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Officejet 7500 E910 Help (HKLM-x32\...\{24DC9885-E759-4BD2-8A20-D4AC509A7FDE}) (Version: 140.0.93.93 - Hewlett Packard)

HP Officejet 7500 E910 Product Improvement Study (HKLM\...\{CC9F7DAB-5F9B-43B1-882C-1CC2A231EF40}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)

HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden

I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

ICA (x32 Version: 1.0.0.93 - Corel Corporation) Hidden

ICA (x32 Version: 16.2.0.20 - Corel Corporation) Hidden

Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)

InstaRate (HKLM-x32\...\{7AABFAB3-D4D0-4316-A70A-72CC369A8A12}) (Version: 4.0.0 - DYMO Endicia)

Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)

IPM_PSP_COM64 (Version: 16.2.0.20 - Corel Corporation) Hidden

IPM_VS_Pro (x32 Version: 1.0 - Corel Corporation) Hidden

iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)

iZotope Music & Speech Cleaner (HKLM-x32\...\iZotope Music & Speech Cleaner_is1) (Version: 1.00 - iZotope, Inc.)

Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)

KakaoTalk (HKLM-x32\...\KakaoTalk) (Version: 2.1.1.1103 - Kakao Corp.)

LifeScan USB Device Driver vSL2.0 (Driver Removal) (HKLM-x32\...\LFSVCOMM&10C4&85A7) (Version: - LifeScan Inc)

Living Cookbook 2015 (HKLM-x32\...\Living Cookbook 2015) (Version: 5.0.85 - Radium Technologies, Inc.)

Living Cookbook 2015 (x32 Version: 5.0.85 - Radium Technologies) Hidden

Logitech Media Server 7.7.5 (HKLM-x32\...\Logitech Media Server_is1) (Version: 7.7.5 - Logitech)

Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)

Meter Drivers for OneTouch(R) Software (x32 Version: 1.10.0.0 - LifeScan) Hidden

Meter Drivers for OneTouch(R) Software (x32 Version: 1.9.1.0 - LifeScan) Hidden

Meter Drivers for OneTouch(R) Software v1.10.0.0 (HKLM-x32\...\InstallShield_{A2C173E1-FB29-4B31-8ED6-CBEE8025E00A}) (Version: 1.10.0.0 - LifeScan)

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)

Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.6001.1068 - Microsoft Corporation)

Microsoft Office 365 ProPlus - ko-kr (HKLM\...\O365ProPlusRetail - ko-kr) (Version: 16.0.6001.1068 - Microsoft Corporation)

Microsoft Office 365 Support and Recovery Assistant (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\4415f693b586d348) (Version: 16.0.965.6 - Microsoft Corporation)

Microsoft Office 언어교정도구 2013 - 한국어 (HKLM\...\{90150000-001F-0412-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.12.00 - NETGEAR Inc.)

NVIDIA 3D Vision Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.54 - NVIDIA Corporation)

NVIDIA Graphics Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)

NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6001.1068 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1068 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6001.1068 - Microsoft Corporation) Hidden

OneTouch Software (HKLM-x32\...\{82FEBE5D-61EC-4365-A213-2B278780945E}) (Version: - )

PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 11.0 - PlotSoft LLC)

PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)

PSPPContent (x32 Version: 16.2.0.20 - Corel Corporation) Hidden

PSPPHelp (x32 Version: 16.2.0.20 - Corel Corporation) Hidden

PSPPro64 (Version: 16.2.0.20 - Corel Corporation) Hidden

QuickBooks (x32 Version: 23.0.4017.2305 - Intuit Inc.) Hidden

QuickBooks Pro 2013 (HKLM-x32\...\{3C631966-387E-4054-85D9-BBFFABE32BD8}) (Version: 23.0.4012.2305 - Intuit Inc.)

QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)

RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.68.201.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)

RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.0) (Version: 18.0.0 - RealNetworks)

Rhapsody (HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\8aa854a199af1b36) (Version: 6.17.22.0 - Rhapsody International Inc.)

RoboForm 7-9-18-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-18-5 - Siber Systems)

Roxio Creator NXT 3 Content (HKLM-x32\...\{2DF5BF6E-D32C-4B81-9012-F62B58AFF819}) (Version: 1.0.4.0 - Roxio)

Roxio Creator NXT Pro 3 (HKLM-x32\...\{7B4B9450-39C8-454A-AA2D-6548EE4D21EB}) (Version: 16.0.50.1 - Roxio)

Roxio Virtual Drive x64 (Version: 1.00.0000 - Roxio, Inc.) Hidden

Setup (x32 Version: 1.0.0.93 - Corel Corporation) Hidden

Setup (x32 Version: 16.2.0.20 - Corel Corporation) Hidden

Share (x32 Version: 1.0.0.93 - Corel Corporation) Hidden

SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)

TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)

TurboTax Business 2014 (HKLM-x32\...\TurboTax Business 2014) (Version: 2014.0 - Intuit, Inc)

TurboTax Business 2015 (HKLM-x32\...\TurboTax Business 2015) (Version: 2015.0 - Intuit, Inc)

VSClassic (x32 Version: 1.0.0.93 - Corel Corporation) Hidden

VSPro (x32 Version: 1.0.0.93 - Corel Corporation) Hidden

glhglh · Apr 18, 2016

Post 3 of 3:

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{1F6DE925-8416-40D4-BC66-D69DB9D4360B}\InprocServer32 -> E:\Program Files (x86)\Roxio Creator NXT Pro 3\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation)

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\garyh\AppData\Local\Citrix\GoToMeeting\3911\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.2\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {010021D3-7468-4BE0-BB95-1E99953FFFE8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-02-28] (Microsoft Corporation)

Task: {020CDFF2-405F-4755-86F8-BAF383A7306B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe

Task: {0286A298-A8B9-4D00-8CED-C19FAAF9D314} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

Task: {053B9102-DA14-4586-89EB-9240A170F9E7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {06827A60-3614-46B2-80CD-80AD103BBE68} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

Task: {0C8044B7-564C-4344-BFAF-C9BAC1451A6A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-02-28] (Microsoft Corporation)

Task: {15AF6BF3-EA88-4D9F-96F2-03646CB3A6D6} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {16CF9C2D-90FC-47CD-9015-8D5F5C826F8F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe

Task: {17D257EE-4694-4A73-8236-914BE8949B7C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

Task: {1877D7EF-2BA4-4E22-A319-03401E06F013} - System32\Tasks\HPCustParticipation HP Officejet 7500 E910 => C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {19909A94-529E-43B0-BAB1-ABBA87990796} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe

Task: {29C3DDF4-32D3-4B0E-A23E-F4453C3BA37B} - System32\Tasks\DropboxUpdateTaskMachineCore => c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-14] (Dropbox, Inc.)

Task: {36E052B8-60B8-44C6-B307-A38B845839E3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {444E8B98-2120-4CDD-8707-BE33754CD225} - System32\Tasks\DropboxUpdateTaskMachineUA => c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-14] (Dropbox, Inc.)

Task: {4589D9A4-8370-45BF-A1D6-1AE56143A5CF} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {46C0E4D1-21FB-424A-8F72-8A8A2BFC618E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {51C21FB6-DD43-4E1F-B2BE-0E5C99C29135} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)

Task: {5279A8AE-46B0-46AA-A8A1-5FB2BB63E7B8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe

Task: {548B8F39-71A9-45B4-8368-D24F97BBF07B} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)

Task: {55CDD935-986B-49BD-98E2-44124B12CD1F} - System32\Tasks\{04203175-1EFD-48AD-AD2F-ADE80ED6A6E9} => E:\Program Files (x86)\LifeScan\OneTouch\Bin\OneTouch.exe [2010-10-29] (Lifescan, Inc.)

Task: {5A18E9CC-B380-440A-A894-00D1863C4FFC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {60263785-CC87-4026-A852-96A8C3E77124} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Task: {65472034-27B1-4069-AE6E-4A92CD7785A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23] (Google Inc.)

Task: {66EE197C-3DA6-4750-8948-37B58E041103} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMLMJJHMJJGMMJJJHMCNOJKMHMGMCNLMMJPMKMCNNJOJHMNJCNJJJJHMGMJMNMLJKJMJMJMMJMJNJICMIMCNGMCNOMHMFMOMOMCNOMJMNMCNOMPMKMHMJMFMPMCNPMCNOMPMKMHMJMCNNMJNPICMOMFMEKMICNJJCKFMGMMMMMJNHICMEKMICNJJCKJNBJCMIJOJNIGIHJJNKJCMJNNICMJNDJCMKJBJJN (the data entry has 49 more characters).

Task: {6C3B4D40-BCD3-4A84-8F48-28A3588733B3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

Task: {6C76BBF0-3FEC-4EA5-A7F0-E59C91643893} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {6EA1C474-1477-4BC7-8AE3-AA6FBE99980D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {722BEF1A-4E17-4F22-B665-85ED51061FEF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe

Task: {74E689BA-1DC7-42D3-A13B-E5A87AB0C6BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {7A513374-8710-4256-82F4-65DD82458D77} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe

Task: {7D0AD3FD-9759-4B2C-BF9A-474DAD3E0881} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {822C2D6E-1031-4FCF-A869-CEA96F83C01E} - System32\Tasks\{88FFE30B-44F2-4C15-804E-4C25BAAEA64F} => pcalua.exe -a "E:\Dropbox\GLH Download\One Touch Verio IQ\onetouchsetup.exe" -d C:\Users\garyh\Desktop

Task: {84ABABEA-D515-499A-92C7-D491948F20FD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation)

Task: {8C78D663-6419-4E83-9FA8-9C4E0BF63B0E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)

Task: {8DBC5BF8-CB88-4391-A981-1AD7C39A8F5B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

Task: {8E67863A-61E2-4EF7-ADA9-A899604F47E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001UA => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

Task: {8E9EB077-8E93-4C4B-AC23-2137259DAAF9} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe

Task: {8FAA5D71-5329-4331-8EA6-FC4F8CF89562} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

Task: {8FAD31C0-B191-4780-AA18-CEB660D5C293} - System32\Tasks\{86D647C4-0E71-4FC9-A15B-A3A9240B1764} => E:\Program Files (x86)\LifeScan\OneTouch\Bin\OneTouch.exe [2010-10-29] (Lifescan, Inc.)

Task: {9037D9B4-2274-4389-AC8A-2658012583E2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe

Task: {939E325B-10C3-4FE9-8DD8-C7608651B61D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-02-28] (Microsoft Corporation)

Task: {93B46180-C213-4D15-A347-B23B754360C9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {9691E867-E446-425B-A441-7DB3646A4DBA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {9C78AFE9-1156-49AD-9016-A7D9685690E6} - System32\Tasks\{2EE708D3-AF0B-40B6-B84A-40E122817F95} => pcalua.exe -a "E:\Dropbox\GLH Download\Quickbooks\QB Pro 2013 R11\QuickBooksPro2013.exe" -d "E:\Dropbox\GLH Download\Quickbooks\QB Pro 2013 R11"

Task: {A05FDA29-9558-4679-80FB-B80444214EB1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {ABEC5067-563A-47D6-B689-0F650A15BF9A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

Task: {B032B24A-FD04-490E-BF8F-994CCDA15F61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-21] (Adobe Systems Incorporated)

Task: {B849B5BC-D88D-41C9-94ED-3D131EA119F9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

Task: {BB285A88-CE86-41E8-B079-DA7C726227C5} - System32\Tasks\G2MUpdateTask-S-1-5-21-1582027158-3427342393-2586192252-1001 => C:\Users\garyh\AppData\Local\Citrix\GoToMeeting\4800\g2mupdate.exe [2016-04-14] (Citrix Online, a division of Citrix Systems, Inc.)

Task: {C1C40053-ED42-42EC-BFC3-661385B47A8E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe

Task: {C23416C8-9F9D-4AE1-B15E-A396612BD210} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)

Task: {C833DCAE-33AC-43BF-BE50-B257C078880E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-23] (Google Inc.)

Task: {C9A57C46-374F-44B4-B0F6-BE356E11189A} - System32\Tasks\G2MUploadTask-S-1-5-21-1582027158-3427342393-2586192252-1001 => C:\Users\garyh\AppData\Local\Citrix\GoToMeeting\4800\g2mupload.exe [2016-04-14] (Citrix Online, a division of Citrix Systems, Inc.)

Task: {CFCBA3A2-5B16-495D-B23D-0EEBECB80122} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {D09D6C48-4606-484E-8B36-5A8996D99EB6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

Task: {D2522F8D-341B-4616-AC03-52F7B724D609} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2016-04-11] (Siber Systems)

Task: {E2CCC9A0-B087-4DE2-A3B3-4AE5E6FE21B4} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe

Task: {E6914100-4127-4247-AA70-505F830E19DC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)

Task: {EB2C04BC-793E-4A86-B6D6-17D7F45F4A1F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

Task: {F1961095-2E7F-4A26-9C99-DE0D1F04FAA3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {F1B2935D-C89E-44F3-A426-40A1844D3C8C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

Task: {F1C9BA7D-4928-4BD5-A0AA-1C28C96BE954} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {F258A9D3-A55D-41A3-B410-01AB24B32055} - System32\Tasks\{80489BCB-EE3D-4BE7-8EC5-3FF208178E34} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "E:\Program Files (x86)\LifeScan\OneTouch\Bin\OneTouch.exe"

Task: {F638E72F-3482-4DF7-A67E-54884BA4D375} - System32\Tasks\{A4A3037D-6915-4CFA-B777-F2345A305136} => E:\Program Files (x86)\LifeScan\OneTouch\Bin\OneTouch.exe [2010-10-29] (Lifescan, Inc.)

Task: {F9C68FEA-3FBF-4541-8604-D8D0330B2306} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001Core => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

Task: {FA507CC4-B915-47CD-BA6B-31892EB28757} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe

Task: {FCA8C2E3-D6B7-4BBF-8791-F64EF14FFDB7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => c:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1582027158-3427342393-2586192252-1001.job => C:\Users\garyh\AppData\Local\Citrix\GoToMeeting\4800\g2mupdate.exe

Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1582027158-3427342393-2586192252-1001.job => C:\Users\garyh\AppData\Local\Citrix\GoToMeeting\4800\g2mupload.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001Core.job => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1582027158-3427342393-2586192252-1001UA.job => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 00:17 - 2015-10-30 00:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll

2015-10-30 00:18 - 2015-10-30 00:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2014-01-22 02:04 - 2014-01-22 02:04 - 00022760 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe

2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2015-10-13 06:45 - 2015-10-13 06:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2016-02-24 14:26 - 2016-02-28 00:41 - 00171720 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll

2014-10-23 07:12 - 2014-10-23 07:12 - 00032784 _____ () e:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe

2016-04-12 12:40 - 2016-03-29 03:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2016-04-12 12:40 - 2016-03-29 03:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

2016-01-06 09:41 - 2016-01-06 09:41 - 00062168 _____ () E:\Program Files\CCleaner\branding.dll

2013-10-16 03:02 - 2013-10-16 03:02 - 00535784 _____ () E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe

2016-04-12 12:39 - 2016-04-01 19:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2015-12-17 20:01 - 2015-12-06 21:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll

2016-04-12 12:39 - 2016-04-01 20:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

2016-04-12 12:39 - 2016-04-01 20:26 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll

2013-10-16 03:03 - 2013-10-16 03:03 - 01723624 _____ () E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\Roxio Burn.exe

2016-04-12 12:40 - 2016-04-01 20:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2016-04-12 12:40 - 2016-04-01 19:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2016-04-12 12:40 - 2016-04-01 20:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2014-01-22 02:04 - 2014-01-22 02:04 - 03322600 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BEngine.dll

2014-01-22 02:04 - 2014-01-22 02:04 - 00524520 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\TRREngine.dll

2014-01-22 02:04 - 2014-01-22 02:04 - 00108776 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\Logging.dll

2013-10-16 03:02 - 2013-10-16 03:02 - 00679144 _____ () E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\BBEngineAS.dll

2012-05-22 20:01 - 2012-05-22 20:01 - 00723600 _____ () E:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\AS_Archive.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\sharepoint.com -> hxxps://nwgroup.sharepoint.com

IE restricted site: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\about.com -> hxxp://index.about.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\garyh\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\853_10151767637662483_491472491_n.jpg

HKU\S-1-5-21-1582027158-3427342393-2586192252-1002\Control Panel\Desktop\\Wallpaper ->

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"

HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808

FirewallRules: [{16A020ED-EA20-4080-B50C-EE38AA182C8F}] => (Allow) LPort=31931

FirewallRules: [{561324C3-C6F2-4506-A2A0-6E63CB357B7A}] => (Allow) LPort=14714

FirewallRules: [{FDEC156F-53BA-4CB9-B1F6-3CE45F493F56}] => (Allow) LPort=12972

FirewallRules: [{F8A1F1D9-14BB-42C0-88D1-ACDC4FDAED04}] => (Allow) E:\Program Files (x86)\Audials\Audials 2016\Audials.exe

FirewallRules: [UDP Query User{A677FBD9-7B90-4329-9573-F5F53E6C848F}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [TCP Query User{B7139463-D604-47F9-9D2A-C1A87D0EAEA0}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [{D6CAEBFC-6B35-4B05-BD53-E136DDB0BDE8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{76DF4009-D834-46B0-BA7E-872CDE355E7A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{F9BFF867-180A-4C2D-88CE-5C6E0AB51F36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{FDC30CD0-757A-4369-8359-00C9628A63E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{9BA983CD-6637-4F9B-9579-BC17A1E4759B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe

FirewallRules: [{B6FBB69C-812A-480A-8415-42E7CC29B864}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe

FirewallRules: [{CEB5C53F-8C1B-40F3-B73D-F4738A688C5A}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe

FirewallRules: [{FFDF3704-F410-403D-91D5-154616B6BBB1}] => (Allow) e:\Program Files (x86)\Squeezebox\server\SqueezeSvr.exe

FirewallRules: [{95CDBD1E-09D5-4268-9BC6-BB98BD681179}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\bin\FaxApplications.exe

FirewallRules: [{60B92B18-E7B6-46BD-BA8B-DFDDF0CD3E6C}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\bin\DigitalWizards.exe

FirewallRules: [{17B1384C-A6B7-422C-B7F2-23CF0E840F44}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\bin\SendAFax.exe

FirewallRules: [{8D294351-5AB1-4BDA-AFB5-27CDC95D2510}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\DeviceSetup.exe

FirewallRules: [{0B97616B-F131-4F0E-8345-02C1939EDE1D}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe

FirewallRules: [{682E5AD5-9CE3-4709-A3F4-5E248C20C938}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicatorCom.exe

FirewallRules: [TCP Query User{22877C1F-F472-4282-BDD7-C472CF529CE8}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [UDP Query User{C03DB45F-5A17-48F1-A376-48ED57899835}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [TCP Query User{C4133629-E94B-4D97-917C-D1383EC2C98D}E:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) E:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [UDP Query User{F69B742A-850C-40C5-B4F5-9C2362F0D591}E:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) E:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [TCP Query User{3CC0AA5C-495E-4840-89F7-F4E64FFD37DA}E:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) E:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [UDP Query User{3FEA5E21-6EEE-45CA-8D76-CEE51EDC48C6}E:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) E:\program files (x86)\netgear genie\bin\netgeargenie.exe

FirewallRules: [{412A587B-0CC5-44C2-A3A0-11677CA44B2D}] => (Allow) E:\Program Files\iTunes\iTunes.exe

FirewallRules: [{5A87A198-75E9-4BBA-A073-961A5D324A23}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

FirewallRules: [{7B9DC21E-AF49-4964-A94B-5AE0E7C5AB0C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe

FirewallRules: [{0050F977-F02A-4541-8D08-8C49E53BA114}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe

FirewallRules: [{487D3A38-8AB1-48D6-B448-6C1EADCCE593}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

FirewallRules: [{24FBC411-6563-4CA7-BD54-09DBC26F69D4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

FirewallRules: [TCP Query User{BA8F08C5-699A-41B6-979B-B36316F35BCE}E:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Allow) E:\program files (x86)\kakao\kakaotalk\kakaotalk.exe

FirewallRules: [UDP Query User{AE64F0CC-76DD-4A57-8DBC-18053BE56650}E:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Allow) E:\program files (x86)\kakao\kakaotalk\kakaotalk.exe

FirewallRules: [{7D5C9928-DC84-4728-9177-8FAFDD198178}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

FirewallRules: [{3779367F-A744-4F22-9A7B-69D75E3B832A}] => (Allow) c:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{9EF0D159-49D8-477F-939C-039AA2396ED8}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe

FirewallRules: [{BB890EA4-D545-48CD-A360-DD93CE02EC95}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{3295C31A-C03C-4ECC-9764-2FA4AA60BCC9}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{16679652-FD13-4A29-80ED-973A9A453BC3}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{756823AC-F3A7-44A4-B88E-C552C5292564}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

FirewallRules: [{D0E6FB03-5CB4-4ED8-84F5-D98901D8B42A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

DomainProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI)

DomainProfile\GloballyOpenPorts: [9001:TCP] => Enabled:Logitech Media Server 9001 tcp (UI)

DomainProfile\GloballyOpenPorts: [9002:TCP] => Enabled:Logitech Media Server 9002 tcp (UI)

DomainProfile\GloballyOpenPorts: [9003:TCP] => Enabled:Logitech Media Server 9003 tcp (UI)

DomainProfile\GloballyOpenPorts: [9004:TCP] => Enabled:Logitech Media Server 9004 tcp (UI)

DomainProfile\GloballyOpenPorts: [9005:TCP] => Enabled:Logitech Media Server 9005 tcp (UI)

DomainProfile\GloballyOpenPorts: [9006:TCP] => Enabled:Logitech Media Server 9006 tcp (UI)

DomainProfile\GloballyOpenPorts: [9007:TCP] => Enabled:Logitech Media Server 9007 tcp (UI)

DomainProfile\GloballyOpenPorts: [9008:TCP] => Enabled:Logitech Media Server 9008 tcp (UI)

DomainProfile\GloballyOpenPorts: [9009:TCP] => Enabled:Logitech Media Server 9009 tcp (UI)

DomainProfile\GloballyOpenPorts: [9010:TCP] => Enabled:Logitech Media Server 9010 tcp (UI)

DomainProfile\GloballyOpenPorts: [9100:TCP] => Enabled:Logitech Media Server 9100 tcp (UI)

DomainProfile\GloballyOpenPorts: [8000:TCP] => Enabled:Logitech Media Server 8000 tcp (UI)

DomainProfile\GloballyOpenPorts: [10000:TCP] => Enabled:Logitech Media Server 10000 tcp (UI)

DomainProfile\GloballyOpenPorts: [9090:TCP] => Enabled:Logitech Media Server 9090 tcp (UI)

DomainProfile\GloballyOpenPorts: [3483:UDP] => Enabled:Logitech Media Server 3483 udp

DomainProfile\GloballyOpenPorts: [3483:TCP] => Enabled:Logitech Media Server 3483 tcp

StandardProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI)

StandardProfile\GloballyOpenPorts: [9001:TCP] => Enabled:Logitech Media Server 9001 tcp (UI)

StandardProfile\GloballyOpenPorts: [9002:TCP] => Enabled:Logitech Media Server 9002 tcp (UI)

StandardProfile\GloballyOpenPorts: [9003:TCP] => Enabled:Logitech Media Server 9003 tcp (UI)

StandardProfile\GloballyOpenPorts: [9004:TCP] => Enabled:Logitech Media Server 9004 tcp (UI)

StandardProfile\GloballyOpenPorts: [9005:TCP] => Enabled:Logitech Media Server 9005 tcp (UI)

StandardProfile\GloballyOpenPorts: [9006:TCP] => Enabled:Logitech Media Server 9006 tcp (UI)

StandardProfile\GloballyOpenPorts: [9007:TCP] => Enabled:Logitech Media Server 9007 tcp (UI)

StandardProfile\GloballyOpenPorts: [9008:TCP] => Enabled:Logitech Media Server 9008 tcp (UI)

StandardProfile\GloballyOpenPorts: [9009:TCP] => Enabled:Logitech Media Server 9009 tcp (UI)

StandardProfile\GloballyOpenPorts: [9010:TCP] => Enabled:Logitech Media Server 9010 tcp (UI)

StandardProfile\GloballyOpenPorts: [9100:TCP] => Enabled:Logitech Media Server 9100 tcp (UI)

StandardProfile\GloballyOpenPorts: [8000:TCP] => Enabled:Logitech Media Server 8000 tcp (UI)

StandardProfile\GloballyOpenPorts: [10000:TCP] => Enabled:Logitech Media Server 10000 tcp (UI)

StandardProfile\GloballyOpenPorts: [9090:TCP] => Enabled:Logitech Media Server 9090 tcp (UI)

StandardProfile\GloballyOpenPorts: [3483:UDP] => Enabled:Logitech Media Server 3483 udp

StandardProfile\GloballyOpenPorts: [3483:TCP] => Enabled:Logitech Media Server 3483 tcp

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (04/17/2016 11:10:18 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073418220

Error: (04/17/2016 02:24:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: GLH-DESKTOP-I7)

Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Error: (04/17/2016 02:24:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: GLH-DESKTOP-I7)

Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.

Error: (04/17/2016 02:24:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: GLH-DESKTOP-I7)

Description: Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile.

DETAIL - The process cannot access the file because it is being used by another process.

Error: (04/17/2016 02:24:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)

Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - The process cannot access the file because it is being used by another process.

for C:\Users\QBDataServiceUser23\ntuser.dat

Error: (04/17/2016 02:22:19 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: svchost.exe, version: 10.0.10586.0, time stamp: 0x5632d7ba

Faulting module name: ESENT.dll, version: 10.0.10586.212, time stamp: 0x56fa1686

Exception code: 0xc0000602

Fault offset: 0x000000000022885f

Faulting process id: 0x950

Faulting application start time: 0xsvchost.exe0

Faulting application path: svchost.exe1

Faulting module path: svchost.exe2

Report Id: svchost.exe3

Faulting package full name: svchost.exe4

Faulting package-relative application ID: svchost.exe5

Error: (04/17/2016 02:22:19 PM) (Source: ESENT) (EventID: 908) (User: )

Description: svchost (2384) Terminating process due to non-recoverable failure: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1601(dir.cxx:753): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (04/17/2016 01:54:59 PM) (Source: QuickBooks) (EventID: 4) (User: )

Description: An unexpected error has occured in "QuickBooks Pro 2013":

DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from function:'DBMgr:

BConnPool::init'

Error: (04/17/2016 01:54:59 PM) (Source: QuickBooks) (EventID: 4) (User: )

Description: An unexpected error has occured in "QuickBooks Pro 2013":

Connection String:CON=QBConnectionPool-Probe-QB_GLH-DESKTOP-I7_23;;DBF=E:\Dropbox\My Documents\Quick Books\QB Data 5-19-2015\NERI 2013.QBW;CommLinks="ShMem,tcpip(IP=192.168.1.2;TO=5;DOBROADCAST=NONE;port=55353)";ServerName=QB_GLH-DESKTOP-I7_23;DBN=19ca94c44cbe49f691ae6cdade9205fe

Error: (04/17/2016 01:54:59 PM) (Source: QuickBooks) (EventID: 4) (User: )

Description: An unexpected error has occured in "QuickBooks Pro 2013":

Connection Error:Invalid user ID or password

System errors:

=============

Error: (04/17/2016 02:44:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

Error: (04/17/2016 02:40:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:

%%1058

Error: (04/17/2016 02:39:55 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:

%%1056

Error: (04/17/2016 02:39:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The User Data Access_55fad service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/17/2016 02:39:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The User Data Storage_55fad service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/17/2016 02:39:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Contact Data_55fad service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/17/2016 02:39:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Sync Host_55fad service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (04/17/2016 02:39:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Roxio Burn Launcher service terminated unexpectedly. It has done this 1 time(s).

Error: (04/17/2016 02:39:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The IviRegMgr service terminated unexpectedly. It has done this 1 time(s).

Error: (04/17/2016 02:39:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intuit Update Service v4 service terminated unexpectedly. It has done this 1 time(s).

CodeIntegrity:

===================================

Date: 2016-04-18 10:38:24.023

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-18 10:38:24.011

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-18 10:38:23.998

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-18 10:38:23.983

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-18 10:38:23.970

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-18 10:38:23.957

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-18 10:38:23.942

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-18 10:38:23.930

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-18 10:38:23.917

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-18 10:38:23.505

Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz

Percentage of memory in use: 17%

Total physical RAM: 16322.37 MB

Available physical RAM: 13448.45 MB

Total Virtual: 32706.37 MB

Available Virtual: 29465.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:55.65 GB) NTFS

Drive d: (TurboTax 2015) (CDROM) (Total:0.14 GB) (Free:0 GB) CDFS

Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:439.06 GB) NTFS

Drive f: (Shared Media Backup) (Fixed) (Total:465.76 GB) (Free:71.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5D226E4A)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 23D9CB80)

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================

Disk: 2 (Size: 465.8 GB) (Disk ID: A4B57300)

Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Broni · Apr 18, 2016

In the future please use Notepad instead of Wordpad to open logs.
Wordpad creates an extra space and all logs are twice as long and harder for me to read.
Thank you

Did you disable system restore for whatever reason?

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

glhglh · Apr 19, 2016

No I did not disable the system restore.

I turned it on for disk C and created a restore point. I don't know when or how it was turned off, reading, it seems like the default on Windows 10 is off????

Sorry on the word, I was using the count characters, because the posts were to long.

Here is the new fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version:13-04-2016
Ran by garyh (2016-04-19 12:10:23) Run:1
Running from C:\Users\garyh\Desktop\Virus
Loaded Profiles: garyh & QBDataServiceUser23 (Available Profiles: iBuyPower & garyh & QBDataServiceUser23 & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\...\MountPoints2: {a0d7e724-3afa-11e5-9bc2-806e6f6e6963} - "D:\setup.exe"
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (No File)
GroupPolicyScripts\User: Restriction <======= ATTENTION
U3 idsvc; no ImagePath
U5 REALPLAYERUPDATESVC; no ImagePath
2015-06-07 11:16 - 2015-06-07 11:17 - 1419368 ____T (CPUID) C:\Users\garyh\AppData\Roaming\cpuidsdk.dll
2015-06-07 11:16 - 2015-06-07 11:17 - 0159200 ____T () C:\Users\garyh\AppData\Roaming\CrashRpt1402.dll
2015-06-07 11:16 - 2015-06-07 11:17 - 0008214 ____T () C:\Users\garyh\AppData\Roaming\crashrpt_lang.ini
2015-06-07 11:16 - 2015-06-07 11:17 - 0997344 ____T () C:\Users\garyh\AppData\Roaming\CrashSender1402.exe
2015-06-07 11:16 - 2015-06-07 11:17 - 1080656 ____T (Microsoft Corporation) C:\Users\garyh\AppData\Roaming\dbghelp.dll
2015-06-12 10:05 - 2015-06-12 10:05 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-06-07 12:44 - 2016-03-18 12:23 - 0001853 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-08-19 08:51 - 2016-01-15 16:25 - 0000479 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-10-14 04:49 - 2014-10-14 04:49 - 0002465 _____ () C:\ProgramData\regid.2012-08.com.Corel,Roxio_76C7858E-078C-4C49-AB1A-2A7072664935.swidtag
C:\Users\garyh\AppData\Local\Temp\dllnt_dump.dll
C:\Users\garyh\AppData\Local\Temp\libeay32.dll
C:\Users\garyh\AppData\Local\Temp\msvcr120.dll
C:\Users\garyh\AppData\Local\Temp\RoboForm-Setup.exe
C:\Users\garyh\AppData\Local\Temp\sqlite3.dll
CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.2\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
Task: {053B9102-DA14-4586-89EB-9240A170F9E7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {46C0E4D1-21FB-424A-8F72-8A8A2BFC618E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {60263785-CC87-4026-A852-96A8C3E77124} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {6C3B4D40-BCD3-4A84-8F48-28A3588733B3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {6EA1C474-1477-4BC7-8AE3-AA6FBE99980D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {74E689BA-1DC7-42D3-A13B-E5A87AB0C6BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8DBC5BF8-CB88-4391-A981-1AD7C39A8F5B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {93B46180-C213-4D15-A347-B23B754360C9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9691E867-E446-425B-A441-7DB3646A4DBA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CFCBA3A2-5B16-495D-B23D-0EEBECB80122} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EB2C04BC-793E-4A86-B6D6-17D7F45F4A1F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKU\S-1-5-21-1582027158-3427342393-2586192252-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0d7e724-3afa-11e5-9bc2-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{a0d7e724-3afa-11e5-9bc2-806e6f6e6963} => key not found.
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe => not found.
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
idsvc => service removed successfully
REALPLAYERUPDATESVC => service removed successfully
C:\Users\garyh\AppData\Roaming\cpuidsdk.dll => moved successfully
C:\Users\garyh\AppData\Roaming\CrashRpt1402.dll => moved successfully
C:\Users\garyh\AppData\Roaming\crashrpt_lang.ini => moved successfully
C:\Users\garyh\AppData\Roaming\CrashSender1402.exe => moved successfully
C:\Users\garyh\AppData\Roaming\dbghelp.dll => moved successfully
C:\ProgramData\Ament.ini => moved successfully
C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc => moved successfully
C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc => moved successfully
C:\ProgramData\regid.2012-08.com.Corel,Roxio_76C7858E-078C-4C49-AB1A-2A7072664935.swidtag => moved successfully
C:\Users\garyh\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Users\garyh\AppData\Local\Temp\libeay32.dll => moved successfully
C:\Users\garyh\AppData\Local\Temp\msvcr120.dll => moved successfully
C:\Users\garyh\AppData\Local\Temp\RoboForm-Setup.exe => moved successfully
C:\Users\garyh\AppData\Local\Temp\sqlite3.dll => moved successfully
"HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}" => key removed successfully
"HKU\S-1-5-21-1582027158-3427342393-2586192252-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{053B9102-DA14-4586-89EB-9240A170F9E7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{053B9102-DA14-4586-89EB-9240A170F9E7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{46C0E4D1-21FB-424A-8F72-8A8A2BFC618E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46C0E4D1-21FB-424A-8F72-8A8A2BFC618E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{60263785-CC87-4026-A852-96A8C3E77124}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60263785-CC87-4026-A852-96A8C3E77124}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C3B4D40-BCD3-4A84-8F48-28A3588733B3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C3B4D40-BCD3-4A84-8F48-28A3588733B3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EA1C474-1477-4BC7-8AE3-AA6FBE99980D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EA1C474-1477-4BC7-8AE3-AA6FBE99980D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74E689BA-1DC7-42D3-A13B-E5A87AB0C6BE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74E689BA-1DC7-42D3-A13B-E5A87AB0C6BE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8DBC5BF8-CB88-4391-A981-1AD7C39A8F5B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DBC5BF8-CB88-4391-A981-1AD7C39A8F5B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93B46180-C213-4D15-A347-B23B754360C9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93B46180-C213-4D15-A347-B23B754360C9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9691E867-E446-425B-A441-7DB3646A4DBA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9691E867-E446-425B-A441-7DB3646A4DBA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFCBA3A2-5B16-495D-B23D-0EEBECB80122}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFCBA3A2-5B16-495D-B23D-0EEBECB80122}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB2C04BC-793E-4A86-B6D6-17D7F45F4A1F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB2C04BC-793E-4A86-B6D6-17D7F45F4A1F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully

The system needed a reboot.

==== End of Fixlog 12:10:25 ====

Broni · Apr 19, 2016

Last scans...

Download Security Check from here or here and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:

Internet Services
Windows Firewall
System Restore
Security Center
Windows Update
Windows Defender
Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

Download Sophos Free Virus Removal Tool and save it to your desktop.

Double click the icon and select Run
Click Next
Select I accept the terms in this license agreement, then click Next twice
Click Install
Click Finish to launch the program
Once the virus database has been updated click Start Scanning
If any threats are found click Details, then View log file... (bottom left hand corner)
Copy and paste the results in your reply
Close the Notepad document, close the Threat Details screen, then click Start cleanup
Click Exit to close the program

glhglh · Apr 21, 2016

Security Check:

Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
`````````Anti-malware/Other Utilities Check:`````````
iZotope Music & Speech Cleaner
Java 8 Update 91
Java version 32-bit out of Date!
Google Chrome (49.0.2623.110)
Google Chrome (49.0.2623.112)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
garyh Desktop Virus SecurityCheck.exe
Windows Defender MpCmdRun.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

glhglh · Apr 21, 2016

FSS.txt:
Farbar Service Scanner Version: 27-01-2016
Ran by garyh (administrator) on 21-04-2016 at 17:20:33
Running from "C:\Users\garyh\Desktop\Virus"
Microsoft Windows 10 Pro (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Policy:
========================

Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

Broni · Apr 22, 2016

Sophos?

glhglh · Apr 22, 2016

No threats found.

Broni · Apr 22, 2016

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download

DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

Activate UAC (optional; some users prefer to keep it off)
Remove disinfection tools
Create registry backup
Purge System Restore
Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.

glhglh · Apr 25, 2016

Thanks, I'm going to run my notebook computer, then send you something.

Broni · Apr 25, 2016

Way to go!!
Good luck and stay safe

Solved Is Win10 & Defender/Security that good?

Posts: 701 +0

Posts: 701 +0

Posts: 701 +0

Posts: 56,041 +516

Posts: 701 +0

Posts: 701 +0

Posts: 701 +0

Posts: 701 +0

Posts: 56,041 +516

Posts: 701 +0

Posts: 701 +0

Posts: 701 +0

Posts: 56,041 +516

Attachments

Posts: 701 +0

Posts: 56,041 +516

Posts: 701 +0

Posts: 701 +0

Posts: 56,041 +516

Posts: 701 +0

Posts: 56,041 +516

Posts: 701 +0

Posts: 56,041 +516

Similar threads